GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (All reviewed: 5,000+)
Composer: 4,224; Erlang: 31; GitHub Actions: 19; Go: 1,990; Maven: 5,000+; npm: 3,706; NuGet: 661; pip: 3,336; Pub: 11; RubyGems: 884; Rust: 845; Swift: 36
Unreviewed advisories (All unreviewed: 5,000+)
2,383 advisories

An adversary could cause a continuous restart loop to the entire device by sending a large...
High | Unreviewed | CVE-2023-40710 was published Aug 24, 2023

An adversary could crash the entire device by sending a large quantity of ICMP requests if the...
High | Unreviewed | CVE-2023-40709 was published Aug 24, 2023

An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate | Unreviewed | CVE-2023-40408 was published Oct 25, 2023

DHCP Server Service Denial of Service Vulnerability
High | Unreviewed | CVE-2024-38236 was published Sep 10, 2024

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of...
Moderate | Unreviewed | CVE-2017-2680 was published May 13, 2022

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected...
Moderate | Unreviewed | CVE-2017-2681 was published May 13, 2022

A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8)...
Moderate | Unreviewed | CVE-2019-10923 was published May 24, 2022

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High | Unreviewed | CVE-2024-43647 was published Sep 10, 2024

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate | CVE-2024-29857 was published for BouncyCastle (Maven) May 14, 2024

An issue discovered in Govee LED Strip v3.00.42 allows attackers to cause a denial of service via...
High | Unreviewed | CVE-2023-45956 was published Oct 31, 2023

Bouncy Castle Denial of Service (DoS)
Moderate | CVE-2023-33202 was published for org.bouncycastle:bcpkix-jdk18on (Maven) Nov 23, 2023

OCI image importer memory exhaustion in github.com/containerd/containerd
Moderate | CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023

In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource...
High | Unreviewed | CVE-2023-21339 was published Oct 30, 2023

regular expression denial-of-service (ReDoS) in Bleach
High | CVE-2020-6817 was published for bleach (pip) Mar 30, 2020

Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the...
Moderate | Unreviewed | CVE-2024-23441 was published Jan 29, 2024

IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by...
Moderate | Unreviewed | CVE-2024-0430 was published Jan 22, 2024

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate | Unreviewed | CVE-2023-22819 was published Feb 6, 2024

An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service...
High | Unreviewed | CVE-2023-45955 was published Oct 31, 2023

Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at...
Moderate | Unreviewed | CVE-2023-46361 was published Oct 31, 2023

python-jose denial of service via compressed JWE content
Moderate | CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard...
High | Unreviewed | CVE-2024-7592 was published Aug 19, 2024

Missing connection timeout in Aardvark-dns
High | CVE-2024-8418 was published for aardvark-dns (Rust) Sep 4, 2024

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column)...
Moderate | Unreviewed | CVE-2024-41434 was published Sep 3, 2024