GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+; Composer 3,978; Erlang 29; GitHub Actions 16; Go 1,765; Maven 4,990; npm 3,536; NuGet 616; pip 3,105; Pub 10; RubyGems 837; Rust 786; Swift 34
Unreviewed advisories: All unreviewed 5,000+
2,213 advisories

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted...
High | Unreviewed | CVE-2024-4467 was published Jul 2, 2024

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to...
Moderate | Unreviewed | CVE-2024-22104 was published Jul 2, 2024

A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing...
High | Unreviewed | CVE-2024-6090 was published Jun 27, 2024

h2o vulnerable to unexpected POST request shutting down server
High | CVE-2024-5979 was published for h2o (pip) Jun 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11...
Moderate | Unreviewed | CVE-2024-1816 was published Jun 27, 2024

Multiple Denial of Service (DoS) conditions have been discovered in GitLab CE/EE affecting all...
Moderate | Unreviewed | CVE-2024-4557 was published Jun 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5...
Moderate | Unreviewed | CVE-2024-1493 was published Jun 27, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service...
High | Unreviewed | CVE-2024-5013 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption...
High | Unreviewed | CVE-2024-5011 was published Jun 25, 2024

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num...
Critical | Unreviewed | CVE-2024-39462 was published Jun 25, 2024

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop...
High | Unreviewed | CVE-2021-4440 was published Jun 25, 2024

A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due...
High | Unreviewed | CVE-2024-5216 was published Jun 25, 2024

Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by...
Unknown | Unreviewed | CVE-2023-45196 was published Jun 24, 2024

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate | Unreviewed | CVE-2024-33881 was published Jun 24, 2024

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list...
High | Unreviewed | CVE-2024-38384 was published Jun 24, 2024

Improper line feed handling in zenml
Moderate | CVE-2024-4460 was published for zenml (pip) Jun 24, 2024

Undertow's url-encoded request path information can be broken on ajp-listener
High | CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024

In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix...
High | Unreviewed | CVE-2022-48748 was published Jun 20, 2024

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix...
Critical | Unreviewed | CVE-2022-48716 was published Jun 20, 2024

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix...
High | Unreviewed | CVE-2024-38616 was published Jun 19, 2024

A high-privileged user, allowed to create custom osquery packs 17 could affect the availability...
Moderate | Unreviewed | CVE-2024-23443 was published Jun 19, 2024

An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of...
Moderate | Unreviewed | CVE-2024-5208 was published Jun 19, 2024

Minder affected by denial of service from maliciously configured Git repository
Moderate | CVE-2024-37904 was published for github.com/stacklok/minder (Go) Jun 18, 2024

STRIMZI incorrect access control
High | CVE-2024-36543 was published for io.strimzi:strimzi (Maven) Jun 17, 2024

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior...
Low | Unreviewed | CVE-2024-5469 was published Jun 14, 2024

ProTip! Advisories are also available from the GraphQL API