Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,231 advisories

Loading
Netty's HttpPostRequestDecoder can OOM Moderate
CVE-2024-29025 was published for io.netty:netty-codec-http (Maven) Mar 25, 2024
vietj
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing... Moderate Unreviewed
CVE-2023-52622 was published Mar 26, 2024
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add... Moderate Unreviewed
CVE-2024-26646 was published Mar 26, 2024
A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a... Moderate Unreviewed
CVE-2024-22436 was published Mar 26, 2024
VSeeFace through 1.13.38.c2 allows attackers to cause a denial of service (application hang) via... High Unreviewed
CVE-2024-26577 was published Mar 27, 2024
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1.... High Unreviewed
CVE-2023-43768 was published Mar 27, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions... Moderate Unreviewed
CVE-2024-2818 was published Mar 28, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 is vulnerable to a denial of... Moderate Unreviewed
CVE-2024-22353 was published Mar 31, 2024
In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K ... Moderate Unreviewed
CVE-2024-26675 was published Apr 2, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause DOS through stack overflow. Low Unreviewed
CVE-2024-29086 was published Apr 2, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN... Moderate Unreviewed
CVE-2024-26710 was published Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE()... Moderate Unreviewed
CVE-2024-26707 was published Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from... Moderate Unreviewed
CVE-2024-26741 was published Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix... Moderate Unreviewed
CVE-2024-26743 was published Apr 3, 2024
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames High
GHSA-w8gf-g2vq-j2f4 was published for amphp/http-client (Composer) Apr 3, 2024
bartekn
In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the... Moderate Unreviewed
CVE-2024-26798 was published Apr 4, 2024
IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of... Moderate Unreviewed
CVE-2024-27268 was published Apr 4, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
Mattermost Server doesn't limit the number of user preferences Moderate
CVE-2024-28949 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood Moderate
GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Parasolid V36... Moderate Unreviewed
CVE-2024-26276 was published Apr 9, 2024
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore... Moderate Unreviewed
CVE-2024-26816 was published Apr 10, 2024
lunary-ai/lunary version 0.3.0 is vulnerable to unauthorized project creation due to insufficient... Moderate Unreviewed
CVE-2024-1599 was published Apr 10, 2024
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a... High Unreviewed
CVE-2024-3382 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database