Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,373 advisories

Loading
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7... Moderate Unreviewed
CVE-2024-10599 was published Nov 1, 2024
Gnark out-of-memory during deserialization with crafted inputs Moderate
CVE-2024-50354 was published for github.com/consensys/gnark (Go) Oct 31, 2024
pventuzelo
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation... Moderate Unreviewed
CVE-2024-31152 was published Oct 30, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
Werkzeug possible resource exhaustion when parsing file data in forms Moderate
CVE-2024-49767 was published for quart (pip) Oct 25, 2024
defnull
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow... Moderate Unreviewed
CVE-2024-20526 was published Oct 23, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco... High Unreviewed
CVE-2024-20351 was published Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to... Moderate Unreviewed
CVE-2024-50311 was published Oct 22, 2024
Denial of service in http-proxy-middleware High
CVE-2024-21536 was published for http-proxy-middleware (npm) Oct 19, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder Moderate
CVE-2024-25112 was published for exiv2 (pip) Oct 17, 2024
westonsteimel
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks Moderate
CVE-2024-8184 was published for org.eclipse.jetty:jetty-server (Maven) Oct 14, 2024
HRsGIT
Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks Low
CVE-2024-6762 was published for org.eclipse.jetty:jetty-servlets (Maven) Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-45736 was published Oct 14, 2024
Eclipse Jetty has a denial of service vulnerability on DosFilter Moderate
CVE-2024-9823 was published for org.eclipse.jetty.ee10:jetty-ee10-servlets (Maven) Oct 14, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-6959 was published Oct 13, 2024
An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks... High Unreviewed
CVE-2024-47497 was published Oct 11, 2024
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Moderate Unreviewed
CVE-2023-25769 was published Oct 10, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack... High Unreviewed
CVE-2024-7294 was published Oct 9, 2024
Windows Hyper-V Denial of Service Vulnerability High Unreviewed
CVE-2024-43575 was published Oct 8, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43541 was published Oct 8, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43544 was published Oct 8, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability High Unreviewed
CVE-2024-43545 was published Oct 8, 2024
BranchCache Denial of Service Vulnerability High Unreviewed
CVE-2024-43506 was published Oct 8, 2024
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability High Unreviewed
CVE-2024-43515 was published Oct 8, 2024
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-8626 was published Oct 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database