GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,028
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,252 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to...
Moderate
Unreviewed
CVE-2024-1495
was published
Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting...
Moderate
Unreviewed
CVE-2024-1736
was published
Jun 13, 2024
gqlparser denial of service vulnerability via the parserDirectives function
Moderate
CVE-2023-49559
was published
for
github.com/vektah/gqlparser
(Go)
Jun 12, 2024
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java,...
High
Unreviewed
CVE-2024-34688
was published
Jun 11, 2024
SAP NetWeaver and ABAP platform allows an
attacker to impede performance for legitimate users by...
Moderate
Unreviewed
CVE-2024-33001
was published
Jun 11, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13...
Moderate
Unreviewed
CVE-2024-27800
was published
Jun 10, 2024
The issue was addressed with improvements to the file handling protocol. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-27812
was published
Jun 10, 2024
go-grpc-compression has a zstd decompression bombing vulnerability
High
GHSA-87m9-rv8p-rgmg
was published
for
github.com/mostynb/go-grpc-compression
(Go)
Jun 10, 2024
GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via...
Moderate
Unreviewed
CVE-2024-37535
was published
Jun 9, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High
Unreviewed
CVE-2023-49224
was published
Jun 7, 2024
An issue in obgm and Libcoap v.a3ed466 allows a remote attacker to cause a denial of service via...
High
Unreviewed
CVE-2023-51847
was published
Jun 7, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in...
Moderate
Unreviewed
CVE-2024-3153
was published
Jun 6, 2024
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain-community
(pip)
Jun 6, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when...
High
Unreviewed
CVE-2024-36743
was published
Jun 6, 2024
Apport does not disable python crash handler before entering chroot
High
Unreviewed
CVE-2022-28657
was published
Jun 5, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search
Moderate
GHSA-pmxp-7224-h794
was published
for
typo3/cms
(Composer)
Jun 4, 2024
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro,...
Unknown
Unreviewed
CVE-2024-5422
was published
Jun 4, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High
Unreviewed
CVE-2024-4148
was published
Jun 1, 2024
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause...
Moderate
Unreviewed
CVE-2024-36845
was published
May 31, 2024
Duplicate Advisory: Apache Superset uncontrolled resource consumption
Moderate
CVE-2024-23952
was published
for
apache-superset
(pip)
May 30, 2024
•
withdrawn
SilverStripe framework XML Quadratic Blowup Attack
Moderate
GHSA-g43w-98wp-m694
was published
for
silverstripe/framework
(Composer)
May 23, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
Moderate
Unreviewed
CVE-2024-1947
was published
May 23, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-6502
was published
May 23, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11...
Moderate
Unreviewed
CVE-2024-2874
was published
May 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
enetc: Fix illegal access...
High
Unreviewed
CVE-2021-47368
was published
May 21, 2024
ProTip!
Advisories are also available from the
GraphQL API