GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
809 advisories
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11...
Moderate | Unreviewed | CVE-2024-2874 was published May 23, 2024
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition...
Moderate | Unreviewed | CVE-2024-35969 was published May 20, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate | Unreviewed | CVE-2024-33495 was published May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without...
Moderate | Unreviewed | CVE-2024-25969 was published May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to...
Moderate | Unreviewed | CVE-2024-4539 was published May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to...
Moderate | Unreviewed | CVE-2024-2454 was published May 14, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is...
Moderate | Unreviewed | CVE-2024-28760 was published May 14, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical | CVE-2024-32874 was published for frigate (pip) May 9, 2024
An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can...
High | Unreviewed | CVE-2024-4140 was published May 2, 2024
Wildfly vulnerable to denial of service
Moderate | CVE-2024-4029 was published for org.wildfly:wildfly-domain-http (Maven) May 2, 2024
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate...
Moderate | Unreviewed | CVE-2024-27013 was published May 1, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for...
High | Unreviewed | CVE-2024-34046 was published Apr 30, 2024
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate | Unreviewed | CVE-2024-25026 was published Apr 25, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate | CVE-2024-31208 was published for matrix-synapse (pip) Apr 23, 2024
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle: Fix...
Moderate | Unreviewed | CVE-2024-26894 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). ...
Moderate | Unreviewed | CVE-2024-21060 was published Apr 17, 2024
lunary-ai/lunary version 1.0.0 is vulnerable to unauthorized evaluation creation due to missing...
Moderate | Unreviewed | CVE-2024-1665 was published Apr 16, 2024
In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar...
High | Unreviewed | CVE-2024-1666 was published Apr 16, 2024
Cosign malicious artifacts can cause machine-wide DoS
Moderate | CVE-2024-29903 was published for github.com/sigstore/cosign (Go) Apr 11, 2024
Cosign malicious attachments can cause system-wide denial of service
Moderate | CVE-2024-29902 was published for github.com/sigstore/cosign (Go) Apr 11, 2024
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a...
High | Unreviewed | CVE-2024-3382 was published Apr 10, 2024
lunary-ai/lunary version 0.3.0 is vulnerable to unauthorized project creation due to insufficient...
Moderate | Unreviewed | CVE-2024-1599 was published Apr 10, 2024
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Parasolid V36...
Low | Unreviewed | CVE-2024-26276 was published Apr 9, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood
Moderate | GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to...
High | Unreviewed | CVE-2024-27316 was published Apr 4, 2024