Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,330 advisories

Loading
Apprise vulnerable to regex injection with IFTTT Plugin High
CVE-2021-39229 was published for apprise (pip) Sep 20, 2021
kevinbackhouse erik-krogh
Apache IoTDB subject to ReDOS with Java 8 High
CVE-2022-43766 was published for apache-iotdb (Maven) Oct 26, 2022
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources Moderate
GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
Drivers are not always robust to extremely large draw calls and in some cases this scenario could... High Unreviewed
CVE-2023-5724 was published Oct 25, 2023
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
An adversary could cause a continuous restart loop to the entire device by sending a large... High Unreviewed
CVE-2023-40710 was published Aug 24, 2023
An adversary could crash the entire device by sending a large quantity of ICMP requests if the... High Unreviewed
CVE-2023-40709 was published Aug 24, 2023
An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed
CVE-2023-40408 was published Oct 25, 2023
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-38236 was published Sep 10, 2024
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected... Moderate Unreviewed
CVE-2017-2681 was published May 13, 2022
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of... Moderate Unreviewed
CVE-2017-2680 was published May 13, 2022
A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8)... Moderate Unreviewed
CVE-2019-10923 was published May 24, 2022
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All... High Unreviewed
CVE-2024-43647 was published Sep 10, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. Moderate
CVE-2024-29857 was published for BouncyCastle (Maven) May 14, 2024
levpachmanov
An issue discovered in Govee LED Strip v3.00.42 allows attackers to cause a denial of service via... High Unreviewed
CVE-2023-45956 was published Oct 31, 2023
Undertow's url-encoded request path information can be broken on ajp-listener High
CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024
Bouncy Castle Denial of Service (DoS) Moderate
CVE-2023-33202 was published for org.bouncycastle:bcpkix-jdk18on (Maven) Nov 23, 2023
ind-team ebickle
Ghcml mpihelgas
OCI image importer memory exhaustion in github.com/containerd/containerd Moderate
CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023
AdamKorcz DavidKorczynski
In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource... High Unreviewed
CVE-2023-21339 was published Oct 30, 2023
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial... Unknown Unreviewed
CVE-2024-28214 was published Mar 7, 2024
Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the... Moderate Unreviewed
CVE-2024-23441 was published Jan 29, 2024
IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by... Moderate Unreviewed
CVE-2024-0430 was published Jan 22, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted... Moderate Unreviewed
CVE-2023-22819 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database