GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,038 advisories
Autel EVO NANO drone flight control firmware version 1.6.5 is vulnerable to denial of service (DoS).
Moderate • Unreviewed • CVE-2023-50121 was published Jan 6, 2024

Duplicate Advisory: encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
High • GHSA-4553-hq82-8654 was published for encoded_id-rails (RubyGems) Jan 4, 2024 • withdrawn

An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment,...
High • Unreviewed • CVE-2023-42358 was published Jan 3, 2024

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the...
Moderate • Unreviewed • CVE-2023-49555 was published Jan 3, 2024

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the...
Moderate • Unreviewed • CVE-2023-49557 was published Jan 3, 2024

An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF.
High • Unreviewed • CVE-2023-50020 was published Jan 3, 2024

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs...
High • Unreviewed • CVE-2023-49550 was published Jan 3, 2024

An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a...
Moderate • Unreviewed • CVE-2023-50019 was published Jan 3, 2024

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due...
Moderate • Unreviewed • CVE-2023-26157 was published Jan 2, 2024

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF...
Moderate • Unreviewed • CVE-2023-6228 was published Dec 28, 2023

DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
Moderate • CVE-2023-6681 was published for jwcrypto (pip) Dec 28, 2023

Grails data binding causes JVM crash and/or other denial of service
Moderate • CVE-2023-46131 was published for org.grails:grails-databinding (Maven) Dec 20, 2023

Denial of service when decrypting attack controlled input in github.com/dvsekhvalnov/jose2go
Moderate • GHSA-mhpq-9638-x6pw was published for github.com/dvsekhvalnov/jose2go (Go) Dec 20, 2023

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate • Unreviewed • CVE-2023-6910 was published Dec 20, 2023

Through the exploitation of active user sessions, an attacker could send custom requests to...
Critical • Unreviewed • CVE-2023-50707 was published Dec 20, 2023

Apache Superset uncontrolled resource consumption
Moderate • CVE-2023-46104 was published for apache-superset (pip) Dec 19, 2023

Grackle has StackOverflowError in GraphQL query processing
High • CVE-2023-50730 was published for edu.gemini:gsp-graphql-core_2.13 (Maven) Dec 18, 2023

Sentry's Astro SDK vulnerable to ReDoS
High • CVE-2023-50249 was published for @sentry/astro (npm) Dec 18, 2023

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows...
High • Unreviewed • CVE-2023-41151 was published Dec 14, 2023

Unbounded queuing of path validation messages in cloudflare-quiche
Moderate • CVE-2023-6193 was published for quiche (Rust) Dec 13, 2023

Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC-A2 series. If a remote...
High • Unreviewed • CVE-2023-49143 was published Dec 12, 2023

Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote...
High • Unreviewed • CVE-2023-49713 was published Dec 12, 2023

Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a...
High • Unreviewed • CVE-2023-49140 was published Dec 12, 2023

Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2 series. If a remote...
High • Unreviewed • CVE-2023-41963 was published Dec 12, 2023

Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to...
Moderate • Unreviewed • CVE-2023-49809 was published Dec 12, 2023