Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,073
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,137 advisories

Loading
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service ... High Unreviewed
CVE-2024-5013 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption... High Unreviewed
CVE-2024-5011 was published Jun 25, 2024
A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due... High Unreviewed
CVE-2024-5216 was published Jun 25, 2024
Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by... Unknown Unreviewed
CVE-2023-45196 was published Jun 24, 2024
Improper line feed handling in zenml Moderate
CVE-2024-4460 was published for zenml (pip) Jun 24, 2024
Undertow's url-encoded request path information can be broken on ajp-listener High
CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability... Moderate Unreviewed
CVE-2024-23443 was published Jun 19, 2024
An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of... Moderate Unreviewed
CVE-2024-5208 was published Jun 19, 2024
Minder affected by denial of service from maliciously configured Git repository Moderate
CVE-2024-37904 was published for github.com/stacklok/minder (Go) Jun 18, 2024
AdamKorcz DavidKorczynski
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed
CVE-2024-5469 was published Jun 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting... Moderate Unreviewed
CVE-2024-1736 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16... Moderate Unreviewed
CVE-2024-1963 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed
CVE-2024-1495 was published Jun 13, 2024
gqlparser denial of service vulnerability via the parserDirectives function Moderate
CVE-2023-49559 was published for github.com/vektah/gqlparser (Go) Jun 12, 2024
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java,... High Unreviewed
CVE-2024-34688 was published Jun 11, 2024
SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by... Moderate Unreviewed
CVE-2024-33001 was published Jun 11, 2024
go-grpc-compression has a zstd decompression bombing vulnerability High
GHSA-87m9-rv8p-rgmg was published for github.com/mostynb/go-grpc-compression (Go) Jun 10, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in... Moderate Unreviewed
CVE-2024-3153 was published Jun 6, 2024
Denial of service in langchain-community Moderate
CVE-2024-2965 was published for langchain-community (pip) Jun 6, 2024
eyurtsev efriis
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro,... Unknown Unreviewed
CVE-2024-5422 was published Jun 4, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-4148 was published Jun 1, 2024
Apache Superset uncontrolled resource consumption Moderate
CVE-2024-23952 was published for apache-superset (pip) May 30, 2024 withdrawn
SilverStripe framework XML Quadratic Blowup Attack Moderate
GHSA-g43w-98wp-m694 was published for silverstripe/framework (Composer) May 23, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2023-6502 was published May 23, 2024
ProTip! Advisories are also available from the GraphQL API