GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
740 advisories
Filter by severity
In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar...
High
Unreviewed
CVE-2024-1666
was published
Apr 16, 2024
Apache Commons FileUpload denial of service vulnerability
High
CVE-2023-24998
was published
for
commons-fileupload:commons-fileupload
(Maven)
Feb 20, 2023
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows...
Moderate
Unreviewed
CVE-2023-1544
was published
Mar 23, 2023
Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non...
High
Unreviewed
CVE-2022-40513
was published
Feb 12, 2023
Moodle Client side denial of service via personal message
Moderate
CVE-2021-20185
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle denial-of-service risk in the draft files area
High
CVE-2021-32476
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate
Unreviewed
CVE-2024-25026
was published
Apr 25, 2024
HTTP/2 rapid reset can cause excessive work in net/http
High
CVE-2023-39325
was published
for
golang.org/x/net
(Go)
Oct 11, 2023
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical
CVE-2019-15753
was published
for
os-vif
(pip)
May 24, 2022
Wildfly vulnerable to denial of service
Moderate
CVE-2024-4029
was published
for
org.wildfly:wildfly-domain-http
(Maven)
May 2, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate
CVE-2024-31208
was published
for
matrix-synapse
(pip)
Apr 23, 2024
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
High
CVE-2022-34917
was published
for
org.apache.kafka:kafka
(Maven)
Sep 21, 2022
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is...
Moderate
Unreviewed
CVE-2024-28760
was published
May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without...
Moderate
Unreviewed
CVE-2024-25969
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-33495
was published
May 14, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad
Moderate
CVE-2022-26336
was published
for
org.apache.poi:poi-scratchpad
(Maven)
Mar 5, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 is vulnerable to a denial of...
Moderate
Unreviewed
CVE-2024-22353
was published
Mar 31, 2024
IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of...
Moderate
Unreviewed
CVE-2024-27268
was published
Apr 4, 2024
revel is vulnerable to resource exhaustion
Moderate
CVE-2020-36568
was published
for
github.com/revel/revel
(Go)
Dec 28, 2022
golang.org/x/net/http vulnerable to a reset flood
High
CVE-2019-9514
was published
for
golang.org/x/net
(Go)
May 24, 2022
golang.org/x/net/http2 vulnerable to possible excessive memory growth
Moderate
CVE-2022-41717
was published
for
golang.org/x/net
(Go)
Dec 8, 2022
Uncontrolled Resource Consumption in golang.org/x/image
Moderate
CVE-2022-41727
was published
for
golang.org/x/image
(Go)
Feb 17, 2023
Golang TIFF decoder does not place a limit on the size of compressed tile data
Moderate
CVE-2023-29408
was published
for
golang.org/x/image
(Go)
Aug 2, 2023
Memory exhaustion in HashiCorp Vault
High
CVE-2023-6337
was published
for
github.com/hashicorp/vault
(Go)
Dec 9, 2023
ProTip!
Advisories are also available from the
GraphQL API