GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,301 advisories
Filter by severity
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)...
High
Unreviewed
CVE-2024-41727
was published
Aug 14, 2024
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability
High
CVE-2024-38168
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 13, 2024
A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation...
Moderate
Unreviewed
CVE-2024-7567
was published
Aug 13, 2024
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege...
High
Unreviewed
CVE-2023-31348
was published
Aug 13, 2024
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python...
Moderate
Unreviewed
CVE-2024-0115
was published
Aug 12, 2024
CosmWasm wasmd has large address count in ValidateBasic
Low
GHSA-m3rh-cvr5-x6q4
was published
for
github.com/CosmWasm/wasmd
(Go)
Aug 8, 2024
Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all...
Moderate
Unreviewed
CVE-2024-5423
was published
Aug 8, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2024-7610
was published
Aug 8, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0...
Moderate
Unreviewed
CVE-2024-3114
was published
Aug 8, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2024-4210
was published
Aug 8, 2024
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all...
Moderate
Unreviewed
CVE-2024-2800
was published
Aug 8, 2024
Django memory consumption vulnerability
Moderate
CVE-2024-41989
was published
for
Django
(pip)
Aug 7, 2024
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed...
High
Unreviewed
CVE-2024-30170
was published
Aug 6, 2024
Podman vulnerable to memory-based denial of service
Moderate
CVE-2024-3056
was published
for
github.com/containers/podman
(Go)
Aug 2, 2024
A denial-of-service vulnerability could allow an authenticated user to trigger an internal...
Low
Unreviewed
CVE-2022-4003
was published
Jul 31, 2024
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to...
Moderate
Unreviewed
CVE-2024-37281
was published
Jul 31, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma...
Moderate
Unreviewed
CVE-2024-27862
was published
Jul 30, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing
High
CVE-2024-41818
was published
for
fast-xml-parser
(npm)
Jul 29, 2024
An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing...
Moderate
Unreviewed
CVE-2024-3297
was published
Jul 24, 2024
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
High
CVE-2024-40634
was published
for
github.com/argoproj/argo-cd
(Go)
Jul 22, 2024
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources
Moderate
GHSA-mmwx-rj87-vfgr
was published
for
dnsjava:dnsjava
(Maven)
Jul 22, 2024
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ...
Moderate
Unreviewed
CVE-2024-21126
was published
Jul 17, 2024
A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an...
High
Unreviewed
CVE-2024-5795
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API