GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
2,383 advisories
An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all...
Moderate, Unreviewed: CVE-2023-3246 was published Nov 6, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16...
Moderate, Unreviewed: CVE-2023-3909 was published Nov 6, 2023

An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5,...
High, Unreviewed: CVE-2023-4647 was published Sep 1, 2023

An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5,...
Moderate, Unreviewed: CVE-2023-3210 was published Sep 1, 2023

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11...
Moderate, Unreviewed: CVE-2023-0921 was published Jun 6, 2023

A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13...
High, Unreviewed: CVE-2023-0121 was published Jun 7, 2023

Liferay Portal vulnerable to Denial of Service
Moderate: CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024

Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service...
High, Unreviewed: CVE-2023-41121 was published Aug 26, 2023

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series...
Moderate, Unreviewed: CVE-2024-20502 was published Oct 2, 2024

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series...
Moderate, Unreviewed: CVE-2024-20500 was published Oct 2, 2024

AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP...
High, Unreviewed: CVE-2023-41173 was published Aug 25, 2023

Liferay Portal denial of service (memory consumption)
High: CVE-2024-25143 was published for com.liferay.portal:release.portal.bom (Maven) Feb 7, 2024

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated...
High, Unreviewed: CVE-2023-1150 was published Jun 26, 2023

A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected...
Moderate, Unreviewed: CVE-2024-9358 was published Oct 1, 2024

Denial of service attack via push rule patterns in matrix-synapse
Moderate: CVE-2021-29471 was published for matrix-synapse (pip) May 13, 2021

Synapse Denial of service due to incorrect application of event authorization rules during state resolution
High: CVE-2022-39374 was published for matrix-synapse (pip) May 24, 2023

Denial of service attack via .well-known lookups
Moderate: CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021

The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain...
Moderate, Unreviewed: CVE-2024-8454 was published Sep 30, 2024

The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to...
Moderate, Unreviewed: CVE-2024-30218 was published Apr 9, 2024

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low, Unreviewed: CVE-2023-49578 was published Dec 12, 2023

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low, Unreviewed: CVE-2023-32114 was published Jun 13, 2023

Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate: CVE-2024-47003 was published for github.com/mattermost/mattermost/server/v8 (Go) Sep 26, 2024

Spring Framework DoS via conditional HTTP request
Moderate: CVE-2024-38809 was published for org.springframework:spring-web (Maven) Sep 24, 2024

Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Moderate, Unreviewed: CVE-2023-39203 was published Nov 15, 2023

Apache Log4j 1.x (EOL) allows Denial of Service (DoS)
High: CVE-2023-26464 was published for org.apache.logging.log4j:log4j-core (Maven) Mar 10, 2023
ProTip! Advisories are also available from the GraphQL API.