Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

899 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc... Moderate Unreviewed
CVE-2024-39474 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length... Moderate Unreviewed
CVE-2024-39482 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer... Moderate Unreviewed
CVE-2024-39472 was published Jul 5, 2024
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An... High Unreviewed
CVE-2024-6427 was published Jul 3, 2024
Potential memory exhaustion attack due to sparse slice deserialization High
CVE-2024-37298 was published for github.com/gorilla/schema (Go) Jul 1, 2024
AlexVasiluta
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack... Moderate Unreviewed
CVE-2024-35116 was published Jun 29, 2024
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
mlichvar
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to... Moderate Unreviewed
CVE-2024-31919 was published Jun 28, 2024
An issue the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd v1.0... Moderate Unreviewed
CVE-2024-37681 was published Jun 24, 2024
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover... High Unreviewed
CVE-2024-34027 was published Jun 24, 2024
Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign... Unknown Unreviewed
CVE-2024-6176 was published Jun 20, 2024
CrateDB has a Client initialized Session-Renegotiation DoS Moderate
CVE-2024-37309 was published for io.crate:crate (Maven) Jun 13, 2024
BaurzhanSakhariev
gqlparser denial of service vulnerability via the parserDirectives function Moderate
CVE-2023-49559 was published for github.com/vektah/gqlparser (Go) Jun 12, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31881 was published Jun 12, 2024
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-28762 was published Jun 12, 2024
TYPO3 Denial of Service in Online Media Asset Handling Moderate
GHSA-f3wf-q4fj-3gxf was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-g585-crjf-vhwq was published for typo3/cms (Composer) Jun 7, 2024
Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause... Moderate Unreviewed
CVE-2024-34055 was published Jun 5, 2024
is_closing_session() allows users to create arbitrary tcp dbus connections High Unreviewed
CVE-2022-28655 was published Jun 5, 2024
is_closing_session() allows users to consume RAM in the Apport process Moderate Unreviewed
CVE-2022-28656 was published Jun 5, 2024
is_closing_session() allows users to fill up apport.log Moderate Unreviewed
CVE-2022-28654 was published Jun 5, 2024
Flooding Server with Thumbnail files High
CVE-2024-32871 was published for pimcore/pimcore (Composer) Jun 4, 2024
jheimbach dandanx
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-hjx5-v9xg-7h25 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Denial of Service in Online Media Asset Handling Moderate
GHSA-29m4-mx89-3mjg was published for typo3/cms-core (Composer) May 30, 2024
Denial of service of Minder Server from maliciously crafted GitHub attestations Moderate
CVE-2024-35238 was published for github.com/stacklok/minder (Go) May 28, 2024
AdamKorcz DavidKorczynski
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database