GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
43 advisories
Filter by severity
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Moderate
Unreviewed
CVE-2023-39203
was published
Nov 15, 2023
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate
Unreviewed
CVE-2024-40680
was published
Sep 7, 2024
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Moderate
CVE-2024-41132
was published
for
SixLabors.ImageSharp
(NuGet)
Jul 22, 2024
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of...
Moderate
Unreviewed
CVE-2023-5371
was published
Oct 4, 2023
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack...
Moderate
Unreviewed
CVE-2024-35116
was published
Jun 29, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an...
Moderate
Unreviewed
CVE-2024-35152
was published
Aug 14, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an...
Moderate
Unreviewed
CVE-2024-37529
was published
Aug 14, 2024
To keep its cache database efficient, `named` running as a recursive resolver occasionally...
High
Unreviewed
CVE-2023-6516
was published
Feb 13, 2024
@grpc/grpc-js can allocate memory for incoming messages well above configured limits
Moderate
CVE-2024-37168
was published
for
@grpc/grpc-js
(npm)
Jun 10, 2024
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code...
Moderate
Unreviewed
CVE-2024-2494
was published
Mar 21, 2024
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
High
CVE-2022-34917
was published
for
org.apache.kafka:kafka
(Maven)
Sep 21, 2022
Undertow vulnerable to denial of service
High
CVE-2023-3223
was published
for
io.undertow:undertow-parent
(Maven)
Sep 27, 2023
Symfony Denial of Service Via Long Password Hashing
Moderate
CVE-2013-5958
was published
for
symfony/polyfill
(Composer)
May 17, 2022
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
Moderate
CVE-2024-32035
was published
for
SixLabors.ImageSharp
(NuGet)
Apr 15, 2024
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical
Unreviewed
CVE-2023-43632
was published
Sep 21, 2023
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames
High
GHSA-w8gf-g2vq-j2f4
was published
for
amphp/http-client
(Composer)
Apr 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner...
High
Unreviewed
CVE-2017-20016
was published
Mar 29, 2022
docconv vulnerable to Memory Allocation with Excessive Size Value
Moderate
CVE-2022-4741
was published
for
code.sajari.com/docconv
(Go)
Dec 25, 2022
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for...
Moderate
Unreviewed
CVE-2023-20202
was published
Sep 27, 2023
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that...
Moderate
Unreviewed
CVE-2023-0809
was published
Oct 2, 2023
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation...
High
Unreviewed
CVE-2023-3171
was published
Dec 27, 2023
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High
CVE-2023-37279
was published
for
github.com/contribsys/faktory
(Go)
Sep 20, 2023
vyper vulnerable to storage allocator overflow
High
CVE-2023-30837
was published
for
vyper
(pip)
May 5, 2023
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ...
High
Unreviewed
CVE-2023-20108
was published
Jun 28, 2023
ProTip!
Advisories are also available from the
GraphQL API