Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,945
Erlang
29
GitHub Actions
16
Go
1,731
Maven
4,961
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,127 advisories

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed
CVE-2024-1495 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16... Moderate Unreviewed
CVE-2024-1963 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting... Moderate Unreviewed
CVE-2024-1736 was published Jun 13, 2024
gqlparser denial of service vulnerability via the parserDirectives function Moderate
CVE-2023-49559 was published for github.com/vektah/gqlparser (Go) Jun 12, 2024
Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java,... High Unreviewed
CVE-2024-34688 was published Jun 11, 2024
SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by... Moderate Unreviewed
CVE-2024-33001 was published Jun 11, 2024
go-grpc-compression has a zstd decompression bombing vulnerability High
GHSA-87m9-rv8p-rgmg was published for github.com/mostynb/go-grpc-compression (Go) Jun 10, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in... Moderate Unreviewed
CVE-2024-3153 was published Jun 6, 2024
Denial of service in langchain Moderate
CVE-2024-2965 was published for langchain (pip) Jun 6, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search Moderate
GHSA-pmxp-7224-h794 was published for typo3/cms (Composer) Jun 4, 2024
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro,... Unknown Unreviewed
CVE-2024-5422 was published Jun 4, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-4148 was published Jun 1, 2024
Apache Superset uncontrolled resource consumption Moderate
CVE-2024-23952 was published for apache-superset (pip) May 30, 2024 withdrawn
SilverStripe framework XML Quadratic Blowup Attack Moderate
GHSA-g43w-98wp-m694 was published for silverstripe/framework (Composer) May 23, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2023-6502 was published May 23, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13... Moderate Unreviewed
CVE-2024-1947 was published May 23, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11... Moderate Unreviewed
CVE-2024-2874 was published May 23, 2024
Stacklok Minder vulnerable to denial of service from maliciously crafted templates Moderate
CVE-2024-35194 was published for github.com/stacklok/minder (Go) May 20, 2024
AdamKorcz DavidKorczynski
A vulnerability in mintplex-labs/anything-llm allows for a denial of service (DoS) condition... Moderate Unreviewed
CVE-2024-4284 was published May 20, 2024
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier.... High Unreviewed
CVE-2024-5055 was published May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The... High Unreviewed
CVE-2024-5052 was published May 17, 2024
Denial of service of Minder Server with attacker-controlled REST endpoint Moderate
CVE-2024-35185 was published for github.com/stacklok/minder (Go) May 16, 2024
AdamKorcz DavidKorczynski
REXML contains a denial of service vulnerability Moderate
CVE-2024-35176 was published for rexml (RubyGems) May 16, 2024
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount... Moderate Unreviewed
CVE-2023-7258 was published May 15, 2024
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController Moderate
CVE-2024-34358 was published for typo3/cms-core (Composer) May 14, 2024
derhansen bnf
bmack
ProTip! Advisories are also available from the GraphQL API