GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
886 advisories
Filter by severity
A denial-of-service issue was addressed with improved input validation. This issue is fixed in...
High
Unreviewed
CVE-2024-54538
was published
Dec 20, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service
High
GHSA-5pf6-cq2v-23ww
was published
for
github.com/clidey/whodb/core
(Go)
Dec 19, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate
Unreviewed
CVE-2023-30443
was published
Dec 19, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user...
Unknown
Unreviewed
CVE-2024-56319
was published
Dec 19, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html
High
CVE-2024-45338
was published
for
golang.org/x/net
(Go)
Dec 18, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6,...
Moderate
Unreviewed
CVE-2024-9367
was published
Dec 12, 2024
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2,...
Moderate
Unreviewed
CVE-2024-54501
was published
Dec 12, 2024
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS...
Critical
Unreviewed
CVE-2024-44241
was published
Dec 12, 2024
Django denial-of-service in django.utils.html.strip_tags()
Moderate
CVE-2024-53907
was published
for
Django
(pip)
Dec 6, 2024
rPGP Potential Resource Exhaustion when handling Untrusted Messages
High
CVE-2024-53857
was published
for
pgp
(Rust)
Dec 5, 2024
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the...
High
Unreviewed
CVE-2024-11316
was published
Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service...
High
Unreviewed
CVE-2024-48844
was published
Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service...
High
Unreviewed
CVE-2024-48843
was published
Dec 5, 2024
An issue in aedes v0.51.2 allows attackers to cause a Denial of Service(DoS) via a crafted request.
High
Unreviewed
CVE-2024-48080
was published
Dec 3, 2024
Synapse allows unsupported content types to lead to memory exhaustion
High
CVE-2024-52805
was published
for
matrix-synapse
(pip)
Dec 3, 2024
Synapse denial of service through media disk space consumption
High
CVE-2024-37302
was published
for
matrix-synapse
(pip)
Dec 3, 2024
Denial of service (DoS) via deformation `multipart/form-data` boundary
High
CVE-2024-53981
was published
for
python-multipart
(pip)
Dec 2, 2024
rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via...
High
Unreviewed
CVE-2024-31669
was published
Dec 2, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
Searching Opencast may cause a denial of service
Moderate
CVE-2024-52797
was published
for
org.opencastproject:opencast-elasticsearch-impl
(Maven)
Nov 20, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows...
High
Unreviewed
CVE-2024-48530
was published
Nov 20, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers
Low
CVE-2024-52796
was published
for
pwpush
(RubyGems)
Nov 20, 2024
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper...
Moderate
Unreviewed
CVE-2018-9412
was published
Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: check outstanding...
Moderate
Unreviewed
CVE-2024-50285
was published
Nov 19, 2024
ProTip!
Advisories are also available from the
GraphQL API