Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,436
Erlang
29
GitHub Actions
16
Go
1,661
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,077 advisories

Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-39477 was published May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-27334 was published May 3, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property High
CVE-2024-32984 was published for yamux (Rust) May 1, 2024
jxs marten-seemann
AgeManning
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences Moderate
CVE-2024-32476 was published for github.com/argoproj/argo-cd/v2 (Go) Apr 26, 2024
crenshaw-dev
Mattermost fails to limit the number of active sessions Moderate
CVE-2024-4183 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Mattermost fails to limit the size of a request path Low
CVE-2024-22091 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
python-jose denial of service via compressed JWE content Moderate
CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024
garyd203
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability... High Unreviewed
CVE-2023-6596 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
Denial of service in Kubernetes Moderate
CVE-2020-8557 was published for k8s.io/kubernetes/pkg/kubelet (Go) Apr 24, 2024
Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial... Low Unreviewed
CVE-2024-3872 was published Apr 16, 2024
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled... Moderate Unreviewed
CVE-2024-1569 was published Apr 16, 2024
Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in... Moderate Unreviewed
CVE-2024-0157 was published Apr 12, 2024
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions... Moderate Unreviewed
CVE-2023-6678 was published Apr 12, 2024
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6... Moderate Unreviewed
CVE-2023-6489 was published Apr 12, 2024
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode Moderate
CVE-2024-3651 was published for idna (pip) Apr 11, 2024
guidovranken
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when... High Unreviewed
CVE-2024-3569 was published Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26215 was published Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26212 was published Apr 9, 2024
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to... Moderate Unreviewed
CVE-2024-30218 was published Apr 9, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood Moderate
GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
Mattermost Server doesn't limit the number of user preferences Moderate
CVE-2024-28949 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
net/http, x/net/http2: close connections when receiving too many headers Moderate
CVE-2023-45288 was published for golang.org/x/net (Go) Apr 4, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... Unknown Unreviewed
CVE-2024-27316 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API