GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,455
Erlang
29
GitHub Actions
16
Go
1,670
Maven
4,932
npm
3,465
NuGet
600
pip
2,970
Pub
10
RubyGems
824
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,096 advisories
Filter by severity
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
DHCP Server Service Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-30019
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-33498
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to...
Moderate
Unreviewed
CVE-2024-4539
was published
May 14, 2024
Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, version 21.02...
Moderate
Unreviewed
CVE-2024-3789
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions...
Moderate
Unreviewed
CVE-2024-2651
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to...
Moderate
Unreviewed
CVE-2024-2454
was published
May 14, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate
CVE-2024-29857
was published
for
BouncyCastle
(Maven)
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to...
Moderate
Unreviewed
CVE-2023-6688
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to...
Moderate
Unreviewed
CVE-2023-6682
was published
May 14, 2024
octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage
Low
CVE-2024-34079
was published
for
github.com/octo-sts/app
(Go)
May 13, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5...
Moderate
Unreviewed
CVE-2024-1930
was published
May 8, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests
High
CVE-2024-34084
was published
for
github.com/stacklok/minder
(Go)
May 7, 2024
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This...
High
Unreviewed
CVE-2024-4599
was published
May 7, 2024
go-ethereum vulnerable to DoS via malicious p2p message
High
CVE-2024-32972
was published
for
github.com/ethereum/go-ethereum
(Go)
May 6, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-39477
was published
May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-27334
was published
May 3, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property
High
CVE-2024-32984
was published
for
yamux
(Rust)
May 1, 2024
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
Moderate
CVE-2024-32476
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Apr 26, 2024
Mattermost fails to limit the number of active sessions
Moderate
CVE-2024-4183
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
Mattermost fails to limit the size of a request path
Low
CVE-2024-22091
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ...
High
Unreviewed
CVE-2024-4056
was published
Apr 26, 2024
ProTip!
Advisories are also available from the
GraphQL API