GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
739 advisories
Filter by severity
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to...
Moderate
Unreviewed
CVE-2024-31919
was published
Jun 28, 2024
An issue the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd v1.0...
Moderate
Unreviewed
CVE-2024-37681
was published
Jun 24, 2024
Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign...
Unknown
Unreviewed
CVE-2024-6176
was published
Jun 20, 2024
CrateDB has a Client initialized Session-Renegotiation DoS
Moderate
CVE-2024-37309
was published
for
io.crate:crate
(Maven)
Jun 13, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate
Unreviewed
CVE-2024-31881
was published
Jun 12, 2024
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate
Unreviewed
CVE-2024-28762
was published
Jun 12, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-f3wf-q4fj-3gxf
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Denial of Service in Frontend Record Registration
High
GHSA-g585-crjf-vhwq
was published
for
typo3/cms
(Composer)
Jun 7, 2024
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause...
Moderate
Unreviewed
CVE-2024-34055
was published
Jun 5, 2024
is_closing_session() allows users to create arbitrary tcp dbus connections
High
Unreviewed
CVE-2022-28655
was published
Jun 5, 2024
is_closing_session() allows users to fill up apport.log
Moderate
Unreviewed
CVE-2022-28654
was published
Jun 5, 2024
is_closing_session() allows users to consume RAM in the Apport process
Moderate
Unreviewed
CVE-2022-28656
was published
Jun 5, 2024
Flooding Server with Thumbnail files
High
CVE-2024-32871
was published
for
pimcore/pimcore
(Composer)
Jun 4, 2024
TYPO3 Denial of Service in Frontend Record Registration
High
GHSA-hjx5-v9xg-7h25
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-29m4-mx89-3mjg
was published
for
typo3/cms-core
(Composer)
May 30, 2024
Denial of service of Minder Server from maliciously crafted GitHub attestations
Moderate
CVE-2024-35238
was published
for
github.com/stacklok/minder
(Go)
May 28, 2024
rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter
High
CVE-2024-35231
was published
for
rack-contrib
(RubyGems)
May 28, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-33495
was published
May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without...
Moderate
Unreviewed
CVE-2024-25969
was published
May 14, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is...
Moderate
Unreviewed
CVE-2024-28760
was published
May 14, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can...
High
Unreviewed
CVE-2024-4140
was published
May 2, 2024
Wildfly vulnerable to denial of service
Moderate
CVE-2024-4029
was published
for
org.wildfly:wildfly-domain-http
(Maven)
May 2, 2024
In the Linux kernel, the following vulnerability has been resolved:
tun: limit printing rate...
Moderate
Unreviewed
CVE-2024-27013
was published
May 1, 2024
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate
Unreviewed
CVE-2024-25026
was published
Apr 25, 2024
ProTip!
Advisories are also available from the
GraphQL API