Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

420 advisories

Loading
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)... High Unreviewed
CVE-2024-41727 was published Aug 14, 2024
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5... High Unreviewed
CVE-2024-26461 was published Feb 29, 2024
If exploited, this vulnerability could cause a SuiteLink server to consume excessive system... High Unreviewed
CVE-2024-7113 was published Aug 13, 2024
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system... High Unreviewed
CVE-2024-36462 was published Aug 12, 2024
GraphQL Java does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service High
CVE-2024-40094 was published for com.graphql-java:graphql-java (Maven) Jul 30, 2024
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
mlichvar
A denial-of-service attack is possible through the execution functionality of KNIME Business Hub... High Unreviewed
CVE-2024-6598 was published Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
VSeeFace through 1.13.38.c2 allows attackers to cause a denial of service (application hang) via... High Unreviewed
CVE-2024-26577 was published Mar 27, 2024
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1.... High Unreviewed
CVE-2023-43768 was published Mar 27, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
A malicious client can send many DNS messages over TCP, potentially causing the server to become... High Unreviewed
CVE-2024-0760 was published Jul 23, 2024
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the... High Unreviewed
CVE-2024-1737 was published Jul 23, 2024
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a ... High Unreviewed
CVE-2024-1975 was published Jul 23, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR... High Unreviewed
CVE-2020-3566 was published May 24, 2022
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of... High Unreviewed
CVE-2020-3569 was published May 24, 2022
Potential memory exhaustion attack due to sparse slice deserialization High
CVE-2024-37298 was published for github.com/gorilla/schema (Go) Jul 1, 2024
AlexVasiluta
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An... High Unreviewed
CVE-2024-6427 was published Jul 3, 2024
Duplicate Advisory: Denial of Service in JSON-Java High
GHSA-rm7j-f5g5-27vv was published for org.json:json (Maven) Oct 12, 2023 withdrawn
Astralidea
is_closing_session() allows users to create arbitrary tcp dbus connections High Unreviewed
CVE-2022-28655 was published Jun 5, 2024
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ... High Unreviewed
CVE-2022-43768 was published Apr 11, 2023
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard... High Unreviewed
CVE-2020-28400 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database