GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
443 advisories
Filter by severity
snappy-java's missing upper bound check on chunk length can lead to Denial of Service (DoS) impact
High
CVE-2023-43642
was published
for
org.xerial.snappy:snappy-java
(Maven)
Sep 25, 2023
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High
CVE-2023-37279
was published
for
github.com/contribsys/faktory
(Go)
Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in the RCPbind service running on UDP port (111),...
High
Unreviewed
CVE-2022-47562
was published
Sep 20, 2023
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed...
High
Unreviewed
CVE-2023-38039
was published
Sep 15, 2023
Strapi Improper Rate Limiting vulnerability
High
CVE-2023-38507
was published
for
@strapi/admin
(npm)
Sep 13, 2023
RKE2 supervisor port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
High
CVE-2023-32186
was published
for
github.com/rancher/rke2
(Go)
Sep 11, 2023
K3s apiserver port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
High
CVE-2023-32187
was published
for
github.com/k3s-io/k3s
(Go)
Sep 11, 2023
QUIC connections do not set an upper bound on the amount of data buffered when reading post...
High
Unreviewed
CVE-2023-39322
was published
Sep 8, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5,...
High
Unreviewed
CVE-2023-4647
was published
Sep 1, 2023
An adversary could crash the entire device by sending a large quantity of ICMP requests if the...
High
Unreviewed
CVE-2023-40709
was published
Aug 24, 2023
An adversary could cause a continuous restart loop to the entire device by sending a large...
High
Unreviewed
CVE-2023-40710
was published
Aug 24, 2023
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35139
was published
for
ryu
(pip)
Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35141
was published
for
ryu
(pip)
Aug 11, 2023
libp2p nodes vulnerable to attack using large RSA keys
High
CVE-2023-39533
was published
for
github.com/libp2p/go-libp2p
(Go)
Aug 9, 2023
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,...
High
Unreviewed
CVE-2023-39269
was published
Aug 8, 2023
Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial...
High
Unreviewed
CVE-2022-46485
was published
Aug 2, 2023
An issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which...
High
Unreviewed
CVE-2023-4011
was published
Aug 2, 2023
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet...
High
Unreviewed
CVE-2023-38405
was published
Jul 17, 2023
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S ...
High
Unreviewed
CVE-2023-36521
was published
Jul 11, 2023
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or...
High
Unreviewed
CVE-2023-27540
was published
Jul 10, 2023
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content...
High
Unreviewed
CVE-2023-28338
was published
Jul 6, 2023
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD...
High
Unreviewed
CVE-2022-3480
was published
Jul 6, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
High
CVE-2023-36814
was published
for
Products.CMFCore
(pip)
Jul 5, 2023
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ...
High
Unreviewed
CVE-2023-20108
was published
Jun 28, 2023
ProTip!
Advisories are also available from the
GraphQL API