Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

886 advisories

Loading
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2023-30443 was published Dec 19, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user... Unknown Unreviewed
CVE-2024-56319 was published Dec 19, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html High
CVE-2024-45338 was published for golang.org/x/net (Go) Dec 18, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6,... Moderate Unreviewed
CVE-2024-9367 was published Dec 12, 2024
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2,... Moderate Unreviewed
CVE-2024-54501 was published Dec 12, 2024
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS... Critical Unreviewed
CVE-2024-44241 was published Dec 12, 2024
Django denial-of-service in django.utils.html.strip_tags() Moderate
CVE-2024-53907 was published for Django (pip) Dec 6, 2024
rPGP Potential Resource Exhaustion when handling Untrusted Messages High
CVE-2024-53857 was published for pgp (Rust) Dec 5, 2024
invd hko-s
link2xt dignifiedquire
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the... High Unreviewed
CVE-2024-11316 was published Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service... High Unreviewed
CVE-2024-48844 was published Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service... High Unreviewed
CVE-2024-48843 was published Dec 5, 2024
An issue in aedes v0.51.2 allows attackers to cause a Denial of Service(DoS) via a crafted request. High Unreviewed
CVE-2024-48080 was published Dec 3, 2024
Synapse allows unsupported content types to lead to memory exhaustion High
CVE-2024-52805 was published for matrix-synapse (pip) Dec 3, 2024
Synapse denial of service through media disk space consumption High
CVE-2024-37302 was published for matrix-synapse (pip) Dec 3, 2024
Denial of service (DoS) via deformation `multipart/form-data` boundary High
CVE-2024-53981 was published for python-multipart (pip) Dec 2, 2024
Startr4ck defnull
mnqazi
rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via... High Unreviewed
CVE-2024-31669 was published Dec 2, 2024
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Searching Opencast may cause a denial of service Moderate
CVE-2024-52797 was published for org.opencastproject:opencast-elasticsearch-impl (Maven) Nov 20, 2024
Litestar allows unbounded resource consumption (DoS vulnerability) High
CVE-2024-52581 was published for litestar (pip) Nov 20, 2024
defnull
An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows... High Unreviewed
CVE-2024-48530 was published Nov 20, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers Low
CVE-2024-52796 was published for pwpush (RubyGems) Nov 20, 2024
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper... Moderate Unreviewed
CVE-2018-9412 was published Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding... Moderate Unreviewed
CVE-2024-50285 was published Nov 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database