Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

509 advisories

Loading
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024
An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of... High Unreviewed
CVE-2023-27191 was published Apr 11, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before... High Unreviewed
CVE-2018-15472 was published Apr 16, 2023
An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service... High Unreviewed
CVE-2023-27653 was published Apr 14, 2023
An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause... High Unreviewed
CVE-2023-27643 was published Apr 14, 2023
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it... High Unreviewed
CVE-2024-12705 was published Jan 30, 2025
TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus... High Unreviewed
CVE-2023-30636 was published Apr 14, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to... High Unreviewed
CVE-2024-2878 was published Feb 5, 2025
An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the... High Unreviewed
CVE-2024-57519 was published Jan 29, 2025
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is... High Unreviewed
CVE-2025-24312 was published Feb 5, 2025
Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulnerability, which allows a... High Unreviewed
CVE-2023-29779 was published Apr 25, 2023
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
An issue was discovered in ebankIT before 7. A Denial-of-Service attack is possible through the... High Unreviewed
CVE-2023-30455 was published Apr 28, 2023
Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash... High Unreviewed
CVE-2023-28882 was published Apr 28, 2023
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of... High Unreviewed
CVE-2023-26285 was published May 5, 2023
In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API... High Unreviewed
CVE-2024-56316 was published Jan 28, 2025
An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev may... High Unreviewed
CVE-2024-55195 was published Jan 24, 2025
A vulnerability has been identified where a maliciously crafted message containing a specific... High Unreviewed
CVE-2023-28356 was published May 12, 2023
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access... High Unreviewed
CVE-2023-21110 was published May 16, 2023
Unlimited consumption of resources in @fastify/multipart High
CVE-2025-24033 was published for @fastify/multipart (npm) Jan 23, 2025
Uncontrolled Resource Consumption in moodle High
CVE-2024-25978 was published for moodle/moodle (Composer) Feb 19, 2024
An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57664 was published Jan 14, 2025
An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57662 was published Jan 14, 2025
An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57663 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database