Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

739 advisories

Loading
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP)... High Unreviewed
CVE-2024-23979 was published Feb 14, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers... High Unreviewed
CVE-2023-50387 was published Feb 14, 2024
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time... High Unreviewed
CVE-2024-21771 was published Feb 14, 2024
Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial... Moderate Unreviewed
CVE-2024-21875 was published Feb 11, 2024
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of... High Unreviewed
CVE-2023-52427 was published Feb 11, 2024
Django denial-of-service attack in the intcomma template filter Moderate
CVE-2024-24680 was published for Django (pip) Feb 7, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted... Moderate Unreviewed
CVE-2023-22819 was published Feb 6, 2024
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP... Moderate Unreviewed
CVE-2023-45028 was published Feb 2, 2024
Memory over-allocation in evm crate Moderate
CVE-2021-29511 was published for evm (Rust) Jan 30, 2024
OpenFGA denial of service Moderate
CVE-2024-23820 was published for github.com/openfga/openfga (Go) Jan 26, 2024
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper... High Unreviewed
CVE-2024-21604 was published Jan 12, 2024
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiPAM 1.0... Moderate Unreviewed
CVE-2023-37934 was published Jan 10, 2024
CRI-O's pods can break out of resource confinement on cgroupv2 Moderate
CVE-2023-6476 was published for github.com/cri-o/cri-o (Go) Jan 10, 2024
Tal-or
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation... Moderate Unreviewed
CVE-2024-22164 was published Jan 9, 2024
Ion Java StackOverflow vulnerability High
CVE-2024-21634 was published for com.amazon.ion:ion-java (Maven) Jan 3, 2024
ebickle
Authenticated users can crash the CubeFS servers with maliciously crafted requests Moderate
CVE-2023-46738 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation... High Unreviewed
CVE-2023-3171 was published Dec 27, 2023
A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource... Moderate Unreviewed
CVE-2023-6910 was published Dec 20, 2023
Allocation of Resources Without Limits in Keycloak High
CVE-2023-6563 was published for org.keycloak:keycloak-model-jpa (Maven) Dec 14, 2023
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size... High Unreviewed
CVE-2023-5379 was published Dec 13, 2023
An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the "email... High Unreviewed
CVE-2023-50455 was published Dec 10, 2023
Memory exhaustion in HashiCorp Vault High
CVE-2023-6337 was published for github.com/hashicorp/vault (Go) Dec 9, 2023
Under certain circumstances, invalid authentication credentials could be sent to the login... High Unreviewed
CVE-2023-4486 was published Dec 7, 2023
Traefik docker container using 100% CPU High
CVE-2023-47633 was published for github.com/traefik/traefik/v2 (Go) Dec 5, 2023
ekle
An allocation of resources without limits or throttling vulnerability in the Schweitzer... Moderate Unreviewed
CVE-2023-34389 was published Nov 30, 2023
ProTip! Advisories are also available from the GraphQL API