Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

573 advisories

Loading
sigstore-go has an unbounded loop over untrusted input can lead to endless data attack Low
CVE-2024-45395 was published for github.com/sigstore/sigstore-go (Go) Sep 4, 2024
AdamKorcz codysoyland
There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When... High Unreviewed
CVE-2024-8088 was published Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when... Moderate Unreviewed
CVE-2024-43828 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in... Moderate Unreviewed
CVE-2024-42246 was published Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in ... Moderate Unreviewed
CVE-2024-42240 was published Aug 7, 2024
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. High Unreviewed
CVE-2024-23352 was published Aug 5, 2024
In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite... Moderate Unreviewed
CVE-2024-41088 was published Jul 29, 2024
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function. High Unreviewed
CVE-2024-40060 was published Jul 23, 2024
In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due... Moderate Unreviewed
CVE-2022-48862 was published Jul 16, 2024
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix hang during reboot... Moderate Unreviewed
CVE-2022-48840 was published Jul 16, 2024
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix... Moderate Unreviewed
CVE-2024-40995 was published Jul 12, 2024
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to... Moderate Unreviewed
CVE-2024-6614 was published Jul 9, 2024
Aim denial of service vulnerability High
CVE-2024-6227 was published for aim (pip) Jul 8, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-36990 was published Jul 1, 2024
Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-9344-p847-qm5c was published for sequoia-openpgp (Rust) Jun 26, 2024
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination... Moderate Unreviewed
CVE-2024-36288 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite... Moderate Unreviewed
CVE-2021-47617 was published Jun 20, 2024
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as... Moderate Unreviewed
CVE-2024-6061 was published Jun 17, 2024
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability.... Moderate Unreviewed
CVE-2024-5949 was published Jun 13, 2024
libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of... High Unreviewed
CVE-2024-35328 was published Jun 13, 2024
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <... Moderate Unreviewed
CVE-2023-50763 was published Jun 11, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36732 was published Jun 6, 2024
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS... Moderate Unreviewed
CVE-2024-35981 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite... Moderate Unreviewed
CVE-2024-35982 was published May 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database