Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,404 advisories

Loading
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 High
GHSA-crh4-294p-vcfq was published for com.vaadin:vaadin-text-field-flow (Maven) Apr 19, 2021
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145) High
CVE-2018-17145 was published for bcoin (npm) Sep 10, 2020
Denial of Service via Cache Flooding Low
GHSA-p68v-frgx-4rjp was published for shopware/core (Composer) Oct 19, 2020
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint Moderate
GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip) May 19, 2021
Uncontrolled Resource Consumption in pillow Moderate
GHSA-jgpv-4h4c-xhw3 was published for pillow (pip) Apr 23, 2021
Import loops in account imports, nats-server DoS Low
GHSA-gwj5-3vfq-q992 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Denial of Service in node-static Moderate
GHSA-8r4g-cg4m-x23c was published for node-static (npm) Sep 22, 2021
Denial of service in DataCommunicator class in Vaadin 8 Moderate
GHSA-j23j-q57m-63v3 was published for com.vaadin:vaadin-server (Maven) Oct 13, 2021
Regular Expression Denial of Service in millisecond Moderate
GHSA-m489-xr35-fjxr was published for millisecond (npm) Sep 22, 2021
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library Critical
GHSA-3qpm-h9ch-px3c was published for org.powernukkit:powernukkit (Maven) Jan 6, 2022
LoboMetalurgico PleaseInsertNameHere
Security Advisory for "Log4Shell" Critical
GHSA-v57x-gxfj-484q was published for com.hazelcast.jet:hazelcast-jet (Maven) Jan 21, 2022
frant-hartm
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server High
CVE-2018-12545 was published for org.eclipse.jetty:jetty-server (Maven) Mar 28, 2019
Remote memory exhaustion in ckb High
GHSA-48vq-8jqv-gm6f was published for ckb (Rust) Aug 25, 2021
Infinite loop in Pillow Low
GHSA-4fx9-vc88-q2xc was published for Pillow (pip) Mar 11, 2022
Memory exhaustion in asn1_der High
CVE-2019-15549 was published for asn1_der (Rust) Aug 25, 2021
Denial of Service (DoS) in Nokogiri on JRuby High
GHSA-gx8x-g87m-h5q6 was published for nokogiri (RubyGems) Apr 11, 2022
Denial of service Moderate
CVE-2019-16764 was published for pow_assent (Erlang) Apr 12, 2022
Marked ReDoS due to email addresses being evaluated in quadratic time Moderate
GHSA-xf5p-87ch-gxw2 was published for marked (npm) Jun 5, 2019
ircdkit vulnerable to Denial of Service due to unhandled connection end event Low
GHSA-f7r3-p866-q9qr was published for ircdkit (npm) Jun 3, 2019
Uncontrolled Resource Consumption in Spray JSON Moderate
CVE-2018-18855 was published for io.spray:spray-json (Maven) Jun 28, 2022
DOS and excessive memory usage when passing untrusted user input to to dag import Moderate
GHSA-f2gr-7299-487h was published for github.com/ipfs/go-ipfs (Go) Jul 6, 2022
Jorropo avivdolev
Regular Expression Denial of Service in slug Moderate
CVE-2017-16117 was published for slug (npm) Jul 24, 2018
G-Rath
d3-color vulnerable to ReDoS High
GHSA-36jr-mh4h-2g58 was published for d3-color (npm) Sep 29, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
ProTip! Advisories are also available from the GraphQL API