GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,945
Erlang
29
GitHub Actions
16
Go
1,731
Maven
4,961
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,127 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to...
Moderate
Unreviewed
CVE-2024-1495
was published
Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16...
Moderate
Unreviewed
CVE-2024-1963
was published
Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting...
Moderate
Unreviewed
CVE-2024-1736
was published
Jun 13, 2024
gqlparser denial of service vulnerability via the parserDirectives function
Moderate
CVE-2023-49559
was published
for
github.com/vektah/gqlparser
(Go)
Jun 12, 2024
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java,...
High
Unreviewed
CVE-2024-34688
was published
Jun 11, 2024
SAP NetWeaver and ABAP platform allows an
attacker to impede performance for legitimate users by...
Moderate
Unreviewed
CVE-2024-33001
was published
Jun 11, 2024
go-grpc-compression has a zstd decompression bombing vulnerability
High
GHSA-87m9-rv8p-rgmg
was published
for
github.com/mostynb/go-grpc-compression
(Go)
Jun 10, 2024
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in...
Moderate
Unreviewed
CVE-2024-3153
was published
Jun 6, 2024
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search
Moderate
GHSA-pmxp-7224-h794
was published
for
typo3/cms
(Composer)
Jun 4, 2024
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro,...
Unknown
Unreviewed
CVE-2024-5422
was published
Jun 4, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High
Unreviewed
CVE-2024-4148
was published
Jun 1, 2024
Apache Superset uncontrolled resource consumption
Moderate
CVE-2024-23952
was published
for
apache-superset
(pip)
May 30, 2024
•
withdrawn
SilverStripe framework XML Quadratic Blowup Attack
Moderate
GHSA-g43w-98wp-m694
was published
for
silverstripe/framework
(Composer)
May 23, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-6502
was published
May 23, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
Moderate
Unreviewed
CVE-2024-1947
was published
May 23, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11...
Moderate
Unreviewed
CVE-2024-2874
was published
May 23, 2024
Stacklok Minder vulnerable to denial of service from maliciously crafted templates
Moderate
CVE-2024-35194
was published
for
github.com/stacklok/minder
(Go)
May 20, 2024
A vulnerability in mintplex-labs/anything-llm allows for a denial of service (DoS) condition...
Moderate
Unreviewed
CVE-2024-4284
was published
May 20, 2024
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier....
High
Unreviewed
CVE-2024-5055
was published
May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The...
High
Unreviewed
CVE-2024-5052
was published
May 17, 2024
Denial of service of Minder Server with attacker-controlled REST endpoint
Moderate
CVE-2024-35185
was published
for
github.com/stacklok/minder
(Go)
May 16, 2024
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount...
Moderate
Unreviewed
CVE-2023-7258
was published
May 15, 2024
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API