Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
Django vulnerable to a denial-of-service attack Moderate
CVE-2024-41990 was published for Django (pip) Aug 7, 2024
Django vulnerable to denial-of-service attack Moderate
CVE-2024-41991 was published for Django (pip) Aug 7, 2024
Elliptic's ECDSA missing check for whether leading bit of r and s is zero Low
CVE-2024-42460 was published for elliptic (npm) Aug 2, 2024
BlazingWizard
A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could... Moderate Unreviewed
CVE-2024-20416 was published Jul 17, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38010 was published Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37989 was published Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37988 was published Jul 9, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38011 was published Jul 9, 2024
Server receiving a malformed message that causes a disconnect to a hostname may causing a stack... High Unreviewed
CVE-2023-5393 was published Apr 11, 2024
Windows Hyper-V Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-29064 was published Apr 9, 2024
Azure Private 5G Core Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-20685 was published Apr 9, 2024
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration... Moderate Unreviewed
CVE-2024-24976 was published Apr 3, 2024
Out of memory error when submitting the dataset form with a specially-crafted field Moderate
CVE-2023-50248 was published for ckan (pip) Dec 13, 2023
thorge
Jetty accepts "+" prefixed value in Content-Length Moderate
CVE-2023-40167 was published for org.eclipse.jetty:jetty-http (Maven) Sep 14, 2023
mukeran chenjj
Improper handling of NTS cookie length that could crash the ntpd-rs server High
CVE-2023-33192 was published for ntpd (Rust) May 25, 2023
mlichvar
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
CVE-2022-24666 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of... High Unreviewed
CVE-2022-36788 was published Apr 20, 2023
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol... High Unreviewed
CVE-2023-28964 was published Apr 18, 2023
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA... Moderate Unreviewed
CVE-2022-20686 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
rdiffweb's unlimited username field length can lead to DoS High
CVE-2022-3290 was published for rdiffweb (pip) Sep 27, 2022
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency High
CVE-2022-2714 was published for francoisjacquet/rosariosis (Composer) Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API