Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,498 advisories

Loading
Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability High Unreviewed
CVE-2025-21207 was published Jan 14, 2025
Windows Kerberos Denial of Service Vulnerability High Unreviewed
CVE-2025-21218 was published Jan 14, 2025
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource... Moderate Unreviewed
CVE-2024-47239 was published Jan 8, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP... Moderate Unreviewed
CVE-2022-27600 was published Dec 19, 2024
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability ... Moderate Unreviewed
CVE-2024-12698 was published Dec 18, 2024
Apache Tomcat Uncontrolled Resource Consumption vulnerability Moderate
CVE-2024-54677 was published for org.apache.tomcat:tomcat-catalina (Maven) Dec 17, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all... Moderate Unreviewed
CVE-2024-12601 was published Dec 17, 2024
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion High
GHSA-8wcc-m6j2-qxvm was published for cosmossdk.io/x/tx (Go) Dec 16, 2024
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS... Moderate Unreviewed
CVE-2024-12579 was published Dec 13, 2024
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue... High Unreviewed
CVE-2024-11835 was published Dec 13, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability High Unreviewed
CVE-2024-49129 was published Dec 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2024-49096 was published Dec 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2024-49075 was published Dec 12, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource... Moderate Unreviewed
CVE-2024-42426 was published Dec 9, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
Withdrawn Advisory: Netty vulnerability included in redis lettuce Moderate
GHSA-q4h9-7rxj-7gx2 was published for io.lettuce:lettuce-core (Maven) Dec 2, 2024 withdrawn
gmcallister-r7 SteffenGabel
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL... Moderate Unreviewed
CVE-2024-11498 was published Nov 25, 2024
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an... Moderate Unreviewed
CVE-2024-45420 was published Nov 19, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue... Moderate Unreviewed
CVE-2023-39180 was published Nov 18, 2024
Spring MVC controller vulnerable to a DoS attack Moderate
CVE-2024-38828 was published for org.springframework:spring-webmvc (Maven) Nov 18, 2024
ayamburg-panw Louis-Jones-Evri
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an... High Unreviewed
CVE-2023-20125 was published Nov 15, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch... High Unreviewed
CVE-2024-48989 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database