Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,253 advisories

Loading
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion High
GHSA-8wcc-m6j2-qxvm was published for cosmossdk.io/x/tx (Go) Dec 16, 2024
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue... High Unreviewed
CVE-2024-11835 was published Dec 13, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability High Unreviewed
CVE-2024-49129 was published Dec 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2024-49096 was published Dec 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2024-49075 was published Dec 12, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an... High Unreviewed
CVE-2023-20125 was published Nov 15, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch... High Unreviewed
CVE-2024-48989 was published Nov 13, 2024
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to... High Unreviewed
CVE-2024-9409 was published Nov 13, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10314 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10345 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10344 was published Nov 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco... High Unreviewed
CVE-2024-20351 was published Oct 23, 2024
Denial of service in http-proxy-middleware High
CVE-2024-21536 was published for http-proxy-middleware (npm) Oct 19, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-6959 was published Oct 13, 2024
An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks... High Unreviewed
CVE-2024-47497 was published Oct 11, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack... High Unreviewed
CVE-2024-7294 was published Oct 9, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43541 was published Oct 8, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability High Unreviewed
CVE-2024-43545 was published Oct 8, 2024
Windows Hyper-V Denial of Service Vulnerability High Unreviewed
CVE-2024-43575 was published Oct 8, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43544 was published Oct 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database