Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,342 advisories

Loading
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3... Moderate Unreviewed
CVE-2023-51309 was published Feb 20, 2025
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1... Moderate Unreviewed
CVE-2023-51339 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park... Moderate Unreviewed
CVE-2023-51310 was published Feb 20, 2025
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed
CVE-2021-41840 was published Feb 10, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2024-20968 was published Feb 17, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers... High Unreviewed
CVE-2023-50387 was published Feb 14, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31880 was published Oct 23, 2024
Very large headers can cause resource exhaustion when parsing message. The message-parser... High Unreviewed
CVE-2024-23185 was published Sep 10, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU... Moderate Unreviewed
CVE-2024-23184 was published Sep 10, 2024
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-28762 was published Jun 12, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31881 was published Jun 12, 2024
MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length Moderate
CVE-2025-46556 was published for mantisbt/mantisbt (Composer) Nov 3, 2025
TheAmazeng dregad
Credited to TheAmazeng and dregad
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Credited to kexinoh
Ion Java StackOverflow vulnerability High
CVE-2024-21634 was published for com.amazon.ion:ion-java (Maven) Jan 3, 2024
ebickle
Credited to ebickle
Apache Commons FileUpload denial of service vulnerability High
CVE-2023-24998 was published for commons-fileupload:commons-fileupload (Maven) Feb 20, 2023
sunSUNQ westonsteimel
Credited to sunSUNQ and westonsteimel
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong... Moderate Unreviewed
CVE-2025-26466 was published Mar 1, 2025
CGI has Denial of Service (DoS) potential in Cookie.parse Moderate
CVE-2025-27219 was published for cgi (RubyGems) Mar 3, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2,... Moderate Unreviewed
CVE-2024-54501 was published Dec 12, 2024
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from... Moderate Unreviewed
CVE-2024-42082 was published Jul 29, 2024
In the Linux kernel, the following vulnerability has been resolved: signal: restore the... Moderate Unreviewed
CVE-2024-50271 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc... Moderate Unreviewed
CVE-2024-39474 was published Jul 5, 2024
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and... Moderate Unreviewed
CVE-2023-29449 was published Jul 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database