Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

740 advisories

Loading
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
GraphQL Java does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service High
CVE-2024-40094 was published for com.graphql-java:graphql-java (Maven) Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from... Moderate Unreviewed
CVE-2024-42082 was published Jul 29, 2024
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the... High Unreviewed
CVE-2024-1737 was published Jul 23, 2024
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a ... High Unreviewed
CVE-2024-1975 was published Jul 23, 2024
A malicious client can send many DNS messages over TCP, potentially causing the server to become... High Unreviewed
CVE-2024-0760 was published Jul 23, 2024
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder Moderate
CVE-2024-41132 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024
ErazerBrecht
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks Moderate
GHSA-crjg-w57m-rqqf was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning... Moderate Unreviewed
CVE-2024-41009 was published Jul 17, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
A denial-of-service attack is possible through the execution functionality of KNIME Business Hub... High Unreviewed
CVE-2024-6598 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39876 was published Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer... Moderate Unreviewed
CVE-2024-39472 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc... Moderate Unreviewed
CVE-2024-39474 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call... Moderate Unreviewed
CVE-2024-39477 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not... Moderate Unreviewed
CVE-2024-39478 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip... Moderate Unreviewed
CVE-2024-39484 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length... Moderate Unreviewed
CVE-2024-39482 was published Jul 5, 2024
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An... High Unreviewed
CVE-2024-6427 was published Jul 3, 2024
Potential memory exhaustion attack due to sparse slice deserialization High
CVE-2024-37298 was published for github.com/gorilla/schema (Go) Jul 1, 2024
AlexVasiluta
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack... Moderate Unreviewed
CVE-2024-35116 was published Jun 29, 2024
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
mlichvar
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database