GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
326 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
nouveau/firmware: use dma...
Moderate
Unreviewed
CVE-2024-45012
was published
Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
s390/boot: Avoid possible...
Moderate
Unreviewed
CVE-2024-45014
was published
Sep 11, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU...
Moderate
Unreviewed
CVE-2024-23184
was published
Sep 10, 2024
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation...
Moderate
Unreviewed
CVE-2024-7734
was published
Sep 10, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate
Unreviewed
CVE-2024-40680
was published
Sep 7, 2024
Vertx gRPC server does not limit the maximum message size
Moderate
CVE-2024-8391
was published
for
io.vertx:vertx-grpc-client
(Maven)
Sep 4, 2024
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service...
Moderate
Unreviewed
CVE-2024-41175
was published
Aug 27, 2024
Spring Framework vulnerable to Denial of Service
Moderate
CVE-2024-38808
was published
for
org.springframework:spring-expression
(Maven)
Aug 20, 2024
Miniscript allows stack consumption
Moderate
CVE-2024-44073
was published
for
miniscript
(Rust)
Aug 19, 2024
In the Linux kernel, the following vulnerability has been resolved:
dma: fix call order in...
Moderate
Unreviewed
CVE-2024-43856
was published
Aug 17, 2024
When performing an online tag generation to devices which communicate
using the ControlLogix...
Moderate
Unreviewed
CVE-2024-6098
was published
Aug 16, 2024
In the Linux kernel, the following vulnerability has been resolved:
mm: huge_memory: use ...
Moderate
Unreviewed
CVE-2024-42258
was published
Aug 12, 2024
In the Linux kernel, the following vulnerability has been resolved:
wireguard: allowedips: avoid...
Moderate
Unreviewed
CVE-2024-42247
was published
Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
mmc: sdhci: Fix max_seg_size...
Moderate
Unreviewed
CVE-2024-42242
was published
Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
mm/shmem: disable PMD-sized...
Moderate
Unreviewed
CVE-2024-42241
was published
Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
xdp: Remove WARN() from...
Moderate
Unreviewed
CVE-2024-42082
was published
Jul 29, 2024
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Moderate
CVE-2024-41132
was published
for
SixLabors.ImageSharp
(NuGet)
Jul 22, 2024
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks
Moderate
GHSA-crjg-w57m-rqqf
was published
for
dnsjava:dnsjava
(Maven)
Jul 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix overrunning...
Moderate
Unreviewed
CVE-2024-41009
was published
Jul 17, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
Moderate
Unreviewed
CVE-2024-39876
was published
Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved:
crypto: starfive - Do not...
Moderate
Unreviewed
CVE-2024-39478
was published
Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved:
mmc: davinci: Don't strip...
Moderate
Unreviewed
CVE-2024-39484
was published
Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved:
bcache: fix variable length...
Moderate
Unreviewed
CVE-2024-39482
was published
Jul 5, 2024
ProTip!
Advisories are also available from the
GraphQL API