Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,231 advisories

Loading
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the... High Unreviewed
CVE-2024-11316 was published Dec 5, 2024
rPGP Potential Resource Exhaustion when handling Untrusted Messages High
CVE-2024-53857 was published for pgp (Rust) Dec 5, 2024
invd hko-s
link2xt dignifiedquire
Django denial-of-service in django.utils.html.strip_tags() Moderate
CVE-2024-53907 was published for Django (pip) Dec 6, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-41762 was published Dec 7, 2024
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS... Critical Unreviewed
CVE-2024-44241 was published Dec 12, 2024
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2,... Moderate Unreviewed
CVE-2024-54501 was published Dec 12, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6,... Moderate Unreviewed
CVE-2024-9367 was published Dec 12, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html High
CVE-2024-45338 was published for golang.org/x/net/html (Go) Dec 18, 2024
mkcops
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user... High Unreviewed
CVE-2024-56319 was published Dec 19, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2023-30443 was published Dec 19, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck... Moderate Unreviewed
CVE-2024-56722 was published Dec 29, 2024
In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg... Moderate Unreviewed
CVE-2022-49035 was published Jan 2, 2025
Next.js Allows a Denial of Service (DoS) with Server Actions Moderate
CVE-2024-56332 was published for next (npm) Jan 3, 2025
gnoff ztanner
eps1lon
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access... High Unreviewed
CVE-2024-43064 was published Jan 6, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending... Moderate Unreviewed
CVE-2024-45100 was published Jan 7, 2025
IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1... Moderate Unreviewed
CVE-2022-22491 was published Jan 9, 2025
An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080,... Moderate Unreviewed
CVE-2024-46921 was published Jan 13, 2025
An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57663 was published Jan 14, 2025
An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57664 was published Jan 14, 2025
An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57662 was published Jan 14, 2025
An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS... Moderate Unreviewed
CVE-2024-46666 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database