GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,000
Erlang: 29
GitHub Actions: 16
Go: 1,787
Maven: 5,000+
npm: 3,547
NuGet: 622
pip: 3,143
Pub: 10
RubyGems: 839
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
696 advisories
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to...
Moderate | Unreviewed | CVE-2024-37281 was published Jul 31, 2024
An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing...
Moderate | Unreviewed | CVE-2024-3297 was published Jul 24, 2024
A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing...
Moderate | Unreviewed | CVE-2024-6716 was published Jul 15, 2024
A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function...
Moderate | Unreviewed | CVE-2023-39329 was published Jul 13, 2024
A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a...
Moderate | Unreviewed | CVE-2023-39327 was published Jul 13, 2024
Windows Line Printer Daemon Service Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2024-38027 was published Jul 9, 2024
Windows iSCSI Service Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2024-35270 was published Jul 9, 2024
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to...
Moderate | Unreviewed | CVE-2023-39328 was published Jul 9, 2024
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to...
Moderate | Unreviewed | CVE-2024-22104 was published Jul 2, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11...
Moderate | Unreviewed | CVE-2024-1816 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5...
Moderate | Unreviewed | CVE-2024-1493 was published Jun 27, 2024
Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all...
Moderate | Unreviewed | CVE-2024-4557 was published Jun 27, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate | Unreviewed | CVE-2024-33881 was published Jun 24, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability...
Moderate | Unreviewed | CVE-2024-23443 was published Jun 19, 2024
An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of...
Moderate | Unreviewed | CVE-2024-5208 was published Jun 19, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16...
Moderate | Unreviewed | CVE-2024-1963 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting...
Moderate | Unreviewed | CVE-2024-1736 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to...
Moderate | Unreviewed | CVE-2024-1495 was published Jun 13, 2024
SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by...
Moderate | Unreviewed | CVE-2024-33001 was published Jun 11, 2024
The issue was addressed with improvements to the file handling protocol. This issue is fixed in...
Moderate | Unreviewed | CVE-2024-27812 was published Jun 10, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13...
Moderate | Unreviewed | CVE-2024-27800 was published Jun 10, 2024
GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via...
Moderate | Unreviewed | CVE-2024-37535 was published Jun 9, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in...
Moderate | Unreviewed | CVE-2024-3153 was published Jun 6, 2024
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause...
Moderate | Unreviewed | CVE-2024-36845 was published May 31, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
Moderate | Unreviewed | CVE-2024-1947 was published May 23, 2024
ProTip! Advisories are also available from the GraphQL API