Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,306 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix... High Unreviewed
CVE-2024-38616 was published Jun 19, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability... Moderate Unreviewed
CVE-2024-23443 was published Jun 19, 2024
An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of... Moderate Unreviewed
CVE-2024-5208 was published Jun 19, 2024
Minder affected by denial of service from maliciously configured Git repository Moderate
CVE-2024-37904 was published for github.com/stacklok/minder (Go) Jun 18, 2024
AdamKorcz DavidKorczynski
STRIMZI incorrect access control High
CVE-2024-36543 was published for io.strimzi:strimzi (Maven) Jun 17, 2024
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed
CVE-2024-5469 was published Jun 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed
CVE-2024-1495 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16... Moderate Unreviewed
CVE-2024-1963 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting... Moderate Unreviewed
CVE-2024-1736 was published Jun 13, 2024
gqlparser denial of service vulnerability via the parserDirectives function Moderate
CVE-2023-49559 was published for github.com/vektah/gqlparser (Go) Jun 12, 2024
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java,... High Unreviewed
CVE-2024-34688 was published Jun 11, 2024
SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by... Moderate Unreviewed
CVE-2024-33001 was published Jun 11, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13... Moderate Unreviewed
CVE-2024-27800 was published Jun 10, 2024
The issue was addressed with improvements to the file handling protocol. This issue is fixed in... Moderate Unreviewed
CVE-2024-27812 was published Jun 10, 2024
go-grpc-compression has a zstd decompression bombing vulnerability High
GHSA-87m9-rv8p-rgmg was published for github.com/mostynb/go-grpc-compression (Go) Jun 10, 2024
GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via... Moderate Unreviewed
CVE-2024-37535 was published Jun 9, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed
CVE-2023-49224 was published Jun 7, 2024
An issue in obgm and Libcoap v.a3ed466 allows a remote attacker to cause a denial of service via... High Unreviewed
CVE-2023-51847 was published Jun 7, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in... Moderate Unreviewed
CVE-2024-3153 was published Jun 6, 2024
Denial of service in langchain-community Moderate
CVE-2024-2965 was published for langchain-community (pip) Jun 6, 2024
eyurtsev efriis
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36743 was published Jun 6, 2024
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2024-33655 was published Jun 6, 2024
Apport does not disable python crash handler before entering chroot High Unreviewed
CVE-2022-28657 was published Jun 5, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro,... Unknown Unreviewed
CVE-2024-5422 was published Jun 4, 2024
ProTip! Advisories are also available from the GraphQL API