GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,109 advisories
Filter by severity
This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache...
Moderate
Unreviewed
CVE-2024-23952
was published
May 30, 2024
SilverStripe framework XML Quadratic Blowup Attack
Moderate
GHSA-g43w-98wp-m694
was published
for
silverstripe/framework
(Composer)
May 23, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-6502
was published
May 23, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
Moderate
Unreviewed
CVE-2024-1947
was published
May 23, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11...
Moderate
Unreviewed
CVE-2024-2874
was published
May 23, 2024
Stacklok Minder vulnerable to denial of service from maliciously crafted templates
Moderate
CVE-2024-35194
was published
for
github.com/stacklok/minder
(Go)
May 20, 2024
A vulnerability in mintplex-labs/anything-llm allows for a denial of service (DoS) condition...
Moderate
Unreviewed
CVE-2024-4284
was published
May 20, 2024
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier....
High
Unreviewed
CVE-2024-5055
was published
May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The...
High
Unreviewed
CVE-2024-5052
was published
May 17, 2024
Denial of service of Minder Server with attacker-controlled REST endpoint
Moderate
CVE-2024-35185
was published
for
github.com/stacklok/minder
(Go)
May 16, 2024
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount...
Moderate
Unreviewed
CVE-2023-7258
was published
May 15, 2024
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
DHCP Server Service Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-30019
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-33498
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to...
Moderate
Unreviewed
CVE-2024-4539
was published
May 14, 2024
Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, version 21.02...
Moderate
Unreviewed
CVE-2024-3789
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to...
Moderate
Unreviewed
CVE-2024-2454
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions...
Moderate
Unreviewed
CVE-2024-2651
was published
May 14, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate
CVE-2024-29857
was published
for
BouncyCastle
(Maven)
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to...
Moderate
Unreviewed
CVE-2023-6682
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to...
Moderate
Unreviewed
CVE-2023-6688
was published
May 14, 2024
octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage
Low
CVE-2024-34079
was published
for
github.com/octo-sts/app
(Go)
May 13, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API