GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
361 advisories
Filter by severity
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of...
Moderate
Unreviewed
CVE-2024-21994
was published
Nov 8, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
Mattermost Server vulnerable to application crash from attacker-generated large response
Moderate
CVE-2024-47401
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Oct 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4...
Moderate
Unreviewed
CVE-2024-6826
was published
Oct 24, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow...
Moderate
Unreviewed
CVE-2024-20526
was published
Oct 23, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate
Unreviewed
CVE-2024-31880
was published
Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to...
Moderate
Unreviewed
CVE-2024-50311
was published
Oct 22, 2024
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-45526
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 18, 2024
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
Moderate
CVE-2024-41128
was published
for
actionpack
(RubyGems)
Oct 15, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Moderate
CVE-2024-8184
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 14, 2024
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to...
Moderate
Unreviewed
CVE-2024-47969
was published
Oct 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
nouveau/firmware: use dma...
Moderate
Unreviewed
CVE-2024-45012
was published
Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
s390/boot: Avoid possible...
Moderate
Unreviewed
CVE-2024-45014
was published
Sep 11, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU...
Moderate
Unreviewed
CVE-2024-23184
was published
Sep 10, 2024
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation...
Moderate
Unreviewed
CVE-2024-7734
was published
Sep 10, 2024
Marinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API alwaysmulti.cgi...
Moderate
Unreviewed
CVE-2024-6509
was published
Sep 10, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate
Unreviewed
CVE-2024-40680
was published
Sep 7, 2024
Vertx gRPC server does not limit the maximum message size
Moderate
CVE-2024-8391
was published
for
io.vertx:vertx-grpc-client
(Maven)
Sep 4, 2024
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service...
Moderate
Unreviewed
CVE-2024-41175
was published
Aug 27, 2024
Spring Framework vulnerable to Denial of Service
Moderate
CVE-2024-38808
was published
for
org.springframework:spring-expression
(Maven)
Aug 20, 2024
Miniscript allows stack consumption
Moderate
CVE-2024-44073
was published
for
miniscript
(Rust)
Aug 19, 2024
In the Linux kernel, the following vulnerability has been resolved:
dma: fix call order in...
Moderate
Unreviewed
CVE-2024-43856
was published
Aug 17, 2024
When performing an online tag generation to devices which communicate
using the ControlLogix...
Moderate
Unreviewed
CVE-2024-6098
was published
Aug 16, 2024
In the Linux kernel, the following vulnerability has been resolved:
mm: huge_memory: use ...
Moderate
Unreviewed
CVE-2024-42258
was published
Aug 12, 2024
In the Linux kernel, the following vulnerability has been resolved:
wireguard: allowedips: avoid...
Moderate
Unreviewed
CVE-2024-42247
was published
Aug 7, 2024
ProTip!
Advisories are also available from the
GraphQL API