GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,330 advisories
Filter by severity
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an...
High
Unreviewed
CVE-2024-37125
was published
Sep 26, 2024
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate
CVE-2024-47003
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Sep 26, 2024
When multiple devices share resources and one of them is to be passed
through to a guest,...
High
Unreviewed
CVE-2024-31146
was published
Sep 25, 2024
Certain PCI devices in a system might be assigned Reserved Memory
Regions (specified via Reserved...
High
Unreviewed
CVE-2024-31145
was published
Sep 25, 2024
Denial of service in rocket chat message parser
Moderate
CVE-2024-46935
was published
for
@rocket.chat/message-parser
(npm)
Sep 25, 2024
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role)...
High
Unreviewed
CVE-2024-47210
was published
Sep 22, 2024
An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS...
High
Unreviewed
CVE-2023-28451
was published
Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Moderate
Unreviewed
CVE-2024-8892
was published
Sep 18, 2024
vLLM Denial of Service via the best_of parameter
Moderate
CVE-2024-8939
was published
for
vllm
(pip)
Sep 17, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7,...
High
Unreviewed
CVE-2024-44169
was published
Sep 17, 2024
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44160
was published
Sep 17, 2024
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High
Unreviewed
CVE-2024-40841
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-27874
was published
Sep 17, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-38236
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High
Unreviewed
CVE-2024-43647
was published
Sep 10, 2024
Missing connection timeout in Aardvark-dns
High
CVE-2024-8418
was published
for
aardvark-dns
(Rust)
Sep 4, 2024
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column)...
Moderate
Unreviewed
CVE-2024-41434
was published
Sep 3, 2024
CWA-2023-004: Excessive number of function parameters in compiled Wasm
Moderate
GHSA-75qh-gg76-p2w4
was published
for
cosmwasm-vm
(Go)
Aug 27, 2024
Flowise Unauthenticated Denial of Service (DoS) vulnerability
High
CVE-2024-8182
was published
for
flowise
(npm)
Aug 27, 2024
Mattermost Plugin Channel Export excessive resource consumption
Moderate
CVE-2024-43105
was published
for
github.com/mattermost/mattermost-plugin-channel-export
(Go)
Aug 23, 2024
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior...
Moderate
Unreviewed
CVE-2024-8041
was published
Aug 22, 2024
Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA...
Moderate
Unreviewed
CVE-2024-39810
was published
Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input...
Critical
Unreviewed
CVE-2024-45166
was published
Aug 22, 2024
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command...
Critical
Unreviewed
CVE-2024-45163
was published
Aug 22, 2024
ProTip!
Advisories are also available from the
GraphQL API