Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

499 advisories

Loading
rPGP Potential Resource Exhaustion when handling Untrusted Messages High
CVE-2024-53857 was published for pgp (Rust) Dec 5, 2024
invd hko-s
link2xt dignifiedquire
An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers... High Unreviewed
CVE-2023-36369 was published Jun 22, 2023
An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to... High Unreviewed
CVE-2023-36370 was published Jun 22, 2023
An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to... High Unreviewed
CVE-2023-36371 was published Jun 22, 2023
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS... High Unreviewed
CVE-2024-27804 was published May 14, 2024
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard... High Unreviewed
CVE-2020-28400 was published May 24, 2022
Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful... High Unreviewed
CVE-2023-34166 was published Jun 19, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48498 was published Jun 19, 2023
In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or... High Unreviewed
CVE-2023-21144 was published Jun 15, 2023
Non-linear parsing of case-insensitive content in golang.org/x/net/html High
CVE-2024-45338 was published for golang.org/x/net (Go) Dec 18, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user... High Unreviewed
CVE-2024-56319 was published Dec 19, 2024
When a specific component is loaded a local attacker and is able to send a specially crafted... High Unreviewed
CVE-2023-38543 was published Nov 15, 2023
android-gif-drawable vulerable to denial of service due to unrestricted comment length High
CVE-2022-23435 was published for pl.droidsonroids.gif:android-gif-drawable (Maven) Jan 20, 2022
Marcono1234
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access... High Unreviewed
CVE-2024-43064 was published Jan 6, 2025
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS... High Unreviewed
CVE-2024-46668 was published Jan 14, 2025
A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5... High Unreviewed
CVE-2024-46667 was published Jan 14, 2025
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization... High Unreviewed
CVE-2019-9511 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial... High Unreviewed
CVE-2019-9515 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a... High Unreviewed
CVE-2019-9518 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially... High Unreviewed
CVE-2019-9517 was published May 24, 2022
An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource... High Unreviewed
CVE-2018-25108 was published Jan 16, 2025
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6... High Unreviewed
CVE-2024-45662 was published Jan 18, 2025
IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper... High Unreviewed
CVE-2024-41742 was published Jan 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database