GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
448 advisories
Filter by severity
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion
High
CVE-2024-49769
was published
for
waitress
(pip)
Oct 29, 2024
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2024-20481
was published
Oct 23, 2024
A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of...
Moderate
Unreviewed
CVE-2024-20493
was published
Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
netfs: Delete subtree of 'fs...
Moderate
Unreviewed
CVE-2024-47733
was published
Oct 21, 2024
Apache Answer: The link for resetting user password is not Single-Use
Moderate
CVE-2024-41888
was published
for
github.com/apache/incubator-answer
(Go)
Aug 12, 2024
Apache Answer: The link to reset the user's password will remain valid after sending a new link
Moderate
CVE-2024-41890
was published
for
github.com/apache/incubator-answer
(Go)
Aug 12, 2024
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,...
High
Unreviewed
CVE-2024-39562
was published
Jul 11, 2024
OpenVPN 2.6.10 and earlier in a server role accepts multiple exit notifications from...
Moderate
Unreviewed
CVE-2024-28882
was published
Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved:
KVM: SVM: fix missing...
Moderate
Unreviewed
CVE-2021-47389
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
ubifs: Set page uptodate in...
High
Unreviewed
CVE-2024-35821
was published
May 17, 2024
Missing release of resource after effective lifetime (CWE-772) in the Controller 7000 resulted...
Moderate
Unreviewed
CVE-2024-22383
was published
Mar 5, 2024
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2024-21789
was published
Feb 14, 2024
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion
High
CVE-2020-15114
was published
for
go.etcd.io/etcd
(Go)
Jan 31, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could...
Moderate
Unreviewed
CVE-2023-31274
was published
Jan 18, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all...
Low
Unreviewed
CVE-2023-47216
was published
Jan 2, 2024
Traefik vulnerable to potential DDoS via ACME HTTPChallenge
Moderate
CVE-2023-47124
was published
for
github.com/traefik/traefik/v2
(Go)
Dec 5, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2023-20095
was published
Nov 1, 2023
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free
Moderate
CVE-2023-45814
was published
for
Bunkum
(NuGet)
Oct 19, 2023
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to...
High
Unreviewed
CVE-2023-36533
was published
Aug 8, 2023
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3,...
Moderate
Unreviewed
CVE-2023-22302
was published
Jul 6, 2023
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated...
High
Unreviewed
CVE-2023-1150
was published
Jun 26, 2023
In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an...
Moderate
Unreviewed
CVE-2023-22996
was published
Feb 28, 2023
A vulnerability classified as problematic was found in vicamo NetworkManager. Affected by this...
High
Unreviewed
CVE-2014-125042
was published
Jan 5, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header
High
CVE-2022-32149
was published
for
golang.org/x/text
(Go)
Oct 14, 2022
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability....
Moderate
Unreviewed
CVE-2022-31222
was published
Sep 13, 2022
ProTip!
Advisories are also available from the
GraphQL API