GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
321 advisories
Filter by severity
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5...
High
Unreviewed
CVE-2024-26461
was published
Feb 29, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS...
High
Unreviewed
CVE-2024-20321
was published
Feb 29, 2024
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP)...
High
Unreviewed
CVE-2024-23979
was published
Feb 14, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers...
High
Unreviewed
CVE-2023-50387
was published
Feb 14, 2024
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time...
High
Unreviewed
CVE-2024-21771
was published
Feb 14, 2024
To keep its cache database efficient, `named` running as a recursive resolver occasionally...
High
Unreviewed
CVE-2023-6516
was published
Feb 13, 2024
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of...
High
Unreviewed
CVE-2023-52427
was published
Feb 11, 2024
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper...
High
Unreviewed
CVE-2024-21604
was published
Jan 12, 2024
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation...
High
Unreviewed
CVE-2023-3171
was published
Dec 27, 2023
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size...
High
Unreviewed
CVE-2023-5379
was published
Dec 13, 2023
An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the "email...
High
Unreviewed
CVE-2023-50455
was published
Dec 10, 2023
Under certain circumstances, invalid authentication credentials could be sent to the login...
High
Unreviewed
CVE-2023-4486
was published
Dec 7, 2023
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers...
High
Unreviewed
CVE-2023-48831
was published
Dec 7, 2023
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow...
High
Unreviewed
CVE-2023-20155
was published
Nov 1, 2023
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in...
High
Unreviewed
CVE-2023-45862
was published
Oct 14, 2023
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos...
High
Unreviewed
CVE-2023-44191
was published
Oct 13, 2023
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server,...
High
Unreviewed
CVE-2023-40542
was published
Oct 10, 2023
Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing...
High
Unreviewed
CVE-2023-5330
was published
Oct 9, 2023
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1...
High
Unreviewed
CVE-2023-45371
was published
Oct 9, 2023
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common...
High
Unreviewed
CVE-2023-3967
was published
Oct 3, 2023
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series...
High
Unreviewed
CVE-2023-20033
was published
Sep 27, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in the RCPbind service running on UDP port (111),...
High
Unreviewed
CVE-2022-47562
was published
Sep 20, 2023
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed...
High
Unreviewed
CVE-2023-38039
was published
Sep 15, 2023
QUIC connections do not set an upper bound on the amount of data buffered when reading post...
High
Unreviewed
CVE-2023-39322
was published
Sep 8, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5,...
High
Unreviewed
CVE-2023-4647
was published
Sep 1, 2023
ProTip!
Advisories are also available from the
GraphQL API