GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
82 advisories
Filter by severity
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106),...
Moderate
Unreviewed
CVE-2024-8049
was published
Nov 13, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Add schedule points in...
Low
Unreviewed
CVE-2022-48939
was published
Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Validate...
Moderate
Unreviewed
CVE-2024-42237
was published
Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
ionic: use...
Moderate
Unreviewed
CVE-2024-42071
was published
Jul 29, 2024
Issue summary: Checking excessively long DSA keys or parameters may be very
slow.
Impact summary...
Moderate
Unreviewed
CVE-2024-4603
was published
May 16, 2024
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of...
High
Unreviewed
CVE-2024-0842
was published
Feb 9, 2024
Liferay Portal denial-of-service vulnerability
Moderate
CVE-2024-25144
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
Denial of service in HashiCorp Consul
High
CVE-2020-25201
was published
for
github.com/hashicorp/consul
(Go)
Jan 31, 2024
phpseclib vulnerable to denial of service
High
CVE-2023-49316
was published
for
phpseclib/phpseclib
(Composer)
Nov 27, 2023
Eclipse Parsson Denial of Service vulnerability
Moderate
CVE-2023-4043
was published
for
org.eclipse.parsson:project
(Maven)
Nov 3, 2023
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server...
High
Unreviewed
CVE-2023-5632
was published
Oct 18, 2023
Golang TIFF decoder vulnerable to excessive CPU consumption
Moderate
CVE-2023-29407
was published
for
golang.org/x/image
(Go)
Aug 2, 2023
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection
High
CVE-2023-38200
was published
for
keylime
(pip)
Aug 1, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary:...
Moderate
Unreviewed
CVE-2023-3817
was published
Jul 31, 2023
An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0...
Moderate
Unreviewed
CVE-2023-30226
was published
Jul 12, 2023
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of...
Moderate
Unreviewed
CVE-2023-1993
was published
Apr 12, 2023
Apache Sling Resource Merger has Excessive Iteration vulnerability
High
CVE-2023-26513
was published
for
org.apache.sling:org.apache.sling.resourcemerger
(Maven)
Mar 20, 2023
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows...
Moderate
Unreviewed
CVE-2023-0411
was published
Jan 26, 2023
OctoRPKI crashes when max iterations is reached
Moderate
CVE-2022-3616
was published
for
github.com/cloudflare/cfrpki
(Go)
Oct 31, 2022
JOSE vulnerable to resource exhaustion via specifically crafted JWE
Moderate
CVE-2022-36083
was published
for
jose
(npm)
Sep 16, 2022
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability....
Moderate
Unreviewed
CVE-2021-21565
was published
May 24, 2022
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386...
High
Unreviewed
CVE-2021-3128
was published
May 24, 2022
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL...
High
Unreviewed
CVE-2021-3125
was published
May 24, 2022
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive...
High
Unreviewed
CVE-2021-23270
was published
May 24, 2022
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU"...
Moderate
Unreviewed
CVE-2021-28950
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API