Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,426 advisories

Loading
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability High Unreviewed
CVE-2024-49129 was published Dec 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2024-49075 was published Dec 12, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource... Moderate Unreviewed
CVE-2024-42426 was published Dec 9, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
Withdrawn Advisory: Netty vulnerability included in redis lettuce Moderate
GHSA-q4h9-7rxj-7gx2 was published for io.lettuce:lettuce-core (Maven) Dec 2, 2024 withdrawn
gmcallister-r7 SteffenGabel
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL... Moderate Unreviewed
CVE-2024-11498 was published Nov 25, 2024
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an... Moderate Unreviewed
CVE-2024-45420 was published Nov 19, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue... Moderate Unreviewed
CVE-2023-39180 was published Nov 18, 2024
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an... High Unreviewed
CVE-2023-20125 was published Nov 15, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch... High Unreviewed
CVE-2024-48989 was published Nov 13, 2024
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to... High Unreviewed
CVE-2024-9409 was published Nov 13, 2024
Denial of Service attack on windows app using netty Moderate
CVE-2024-47535 was published for io.netty:netty-common (Maven) Nov 12, 2024
Amossys-PGR AB-xdev
irene221b
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46891 was published Nov 12, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10345 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10344 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10314 was published Nov 11, 2024
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
Undertow Denial of Service vulnerability Moderate
CVE-2023-1973 was published for io.undertow:undertow-core (Maven) Nov 7, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7... Moderate Unreviewed
CVE-2024-10599 was published Nov 1, 2024
Gnark out-of-memory during deserialization with crafted inputs Moderate
CVE-2024-50354 was published for github.com/consensys/gnark (Go) Oct 31, 2024
pventuzelo
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation... Moderate Unreviewed
CVE-2024-31152 was published Oct 30, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
Werkzeug possible resource exhaustion when parsing file data in forms Moderate
CVE-2024-49767 was published for Quart (pip) Oct 25, 2024
defnull
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow... Moderate Unreviewed
CVE-2024-20526 was published Oct 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database