Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,301 advisories

Loading
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)... High Unreviewed
CVE-2024-41727 was published Aug 14, 2024
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability High
CVE-2024-38168 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 13, 2024
A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation... Moderate Unreviewed
CVE-2024-7567 was published Aug 13, 2024
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege... High Unreviewed
CVE-2023-31348 was published Aug 13, 2024
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python... Moderate Unreviewed
CVE-2024-0115 was published Aug 12, 2024
CosmWasm wasmd has large address count in ValidateBasic Low
GHSA-m3rh-cvr5-x6q4 was published for github.com/CosmWasm/wasmd (Go) Aug 8, 2024
sushiwushi
Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all... Moderate Unreviewed
CVE-2024-5423 was published Aug 8, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2024-7610 was published Aug 8, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0... Moderate Unreviewed
CVE-2024-3114 was published Aug 8, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2024-4210 was published Aug 8, 2024
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all... Moderate Unreviewed
CVE-2024-2800 was published Aug 8, 2024
Django memory consumption vulnerability Moderate
CVE-2024-41989 was published for Django (pip) Aug 7, 2024
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed... High Unreviewed
CVE-2024-30170 was published Aug 6, 2024
Podman vulnerable to memory-based denial of service Moderate
CVE-2024-3056 was published for github.com/containers/podman (Go) Aug 2, 2024
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
A denial-of-service vulnerability could allow an authenticated user to trigger an internal... Low Unreviewed
CVE-2022-4003 was published Jul 31, 2024
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to... Moderate Unreviewed
CVE-2024-37281 was published Jul 31, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-27862 was published Jul 30, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing... Moderate Unreviewed
CVE-2024-3297 was published Jul 24, 2024
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint High
CVE-2024-40634 was published for github.com/argoproj/argo-cd (Go) Jul 22, 2024
jake-ciolek crenshaw-dev
pasha-codefresh
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources Moderate
GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ... Moderate Unreviewed
CVE-2024-21126 was published Jul 17, 2024
A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an... High Unreviewed
CVE-2024-5795 was published Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API