GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
740 advisories
Filter by severity
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Moderate
CVE-2024-26308
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP)...
High
Unreviewed
CVE-2024-23979
was published
Feb 14, 2024
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time...
High
Unreviewed
CVE-2024-21771
was published
Feb 14, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers...
High
Unreviewed
CVE-2023-50387
was published
Feb 14, 2024
Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial...
Moderate
Unreviewed
CVE-2024-21875
was published
Feb 11, 2024
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of...
High
Unreviewed
CVE-2023-52427
was published
Feb 11, 2024
Django denial-of-service attack in the intcomma template filter
Moderate
CVE-2024-24680
was published
for
Django
(pip)
Feb 7, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate
Unreviewed
CVE-2023-22819
was published
Feb 6, 2024
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP...
Moderate
Unreviewed
CVE-2023-45028
was published
Feb 2, 2024
Memory over-allocation in evm crate
Moderate
CVE-2021-29511
was published
for
evm
(Rust)
Jan 30, 2024
OpenFGA denial of service
Moderate
CVE-2024-23820
was published
for
github.com/openfga/openfga
(Go)
Jan 26, 2024
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper...
High
Unreviewed
CVE-2024-21604
was published
Jan 12, 2024
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiPAM 1.0...
Moderate
Unreviewed
CVE-2023-37934
was published
Jan 10, 2024
CRI-O's pods can break out of resource confinement on cgroupv2
Moderate
CVE-2023-6476
was published
for
github.com/cri-o/cri-o
(Go)
Jan 10, 2024
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation...
Moderate
Unreviewed
CVE-2024-22164
was published
Jan 9, 2024
Ion Java StackOverflow vulnerability
High
CVE-2024-21634
was published
for
com.amazon.ion:ion-java
(Maven)
Jan 3, 2024
Authenticated users can crash the CubeFS servers with maliciously crafted requests
Moderate
CVE-2023-46738
was published
for
github.com/cubefs/cubefs
(Go)
Jan 3, 2024
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation...
High
Unreviewed
CVE-2023-3171
was published
Dec 27, 2023
A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate
Unreviewed
CVE-2023-6910
was published
Dec 20, 2023
Allocation of Resources Without Limits in Keycloak
High
CVE-2023-6563
was published
for
org.keycloak:keycloak-model-jpa
(Maven)
Dec 14, 2023
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size...
High
Unreviewed
CVE-2023-5379
was published
Dec 13, 2023
An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the "email...
High
Unreviewed
CVE-2023-50455
was published
Dec 10, 2023
Memory exhaustion in HashiCorp Vault
High
CVE-2023-6337
was published
for
github.com/hashicorp/vault
(Go)
Dec 9, 2023
Under certain circumstances, invalid authentication credentials could be sent to the login...
High
Unreviewed
CVE-2023-4486
was published
Dec 7, 2023
Traefik docker container using 100% CPU
High
CVE-2023-47633
was published
for
github.com/traefik/traefik/v2
(Go)
Dec 5, 2023
ProTip!
Advisories are also available from the
GraphQL API