GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,330 advisories
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all...
Moderate | Unreviewed | CVE-2024-2800 was published Aug 8, 2024

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate | Unreviewed | CVE-2024-4210 was published Aug 8, 2024

Django memory consumption vulnerability
Moderate | CVE-2024-41989 was published for Django (pip) Aug 7, 2024

PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed...
High | Unreviewed | CVE-2024-30170 was published Aug 6, 2024

Podman vulnerable to memory-based denial of service
Moderate | CVE-2024-3056 was published for github.com/containers/podman (Go) Aug 2, 2024

A denial-of-service vulnerability could allow an authenticated user to trigger an internal...
Low | Unreviewed | CVE-2022-4003 was published Jul 31, 2024

An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to...
Moderate | Unreviewed | CVE-2024-37281 was published Jul 31, 2024

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma...
Moderate | Unreviewed | CVE-2024-27862 was published Jul 30, 2024

fast-xml-parser vulnerable to ReDOS at currency parsing
High | CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024

An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing...
Moderate | Unreviewed | CVE-2024-3297 was published Jul 24, 2024

Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
High | CVE-2024-40634 was published for github.com/argoproj/argo-cd (Go) Jul 22, 2024

DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources
Moderate | GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ...
Moderate | Unreviewed | CVE-2024-21126 was published Jul 17, 2024

A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an...
High | Unreviewed | CVE-2024-5795 was published Jul 17, 2024

REXML denial of service vulnerability
Moderate | CVE-2024-39908 was published for rexml (RubyGems) Jul 16, 2024

Fiona affected by CVE-2020-14152 related to madler-zlib
High | GHSA-g4m4-9q4c-mfw6 was published for fiona (pip) Jul 16, 2024

A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing...
Moderate | Unreviewed | CVE-2024-6716 was published Jul 15, 2024

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function...
Moderate | Unreviewed | CVE-2023-39329 was published Jul 13, 2024

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a...
Moderate | Unreviewed | CVE-2023-39327 was published Jul 13, 2024

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway)...
High | Unreviewed | CVE-2024-39551 was published Jul 11, 2024

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks...
High | Unreviewed | CVE-2024-39548 was published Jul 11, 2024

An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon ...
High | Unreviewed | CVE-2024-39557 was published Jul 11, 2024

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create...
High | Unreviewed | CVE-2024-6037 was published Jul 11, 2024

ProTip! Advisories are also available from the GraphQL API.