Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

453 advisories

Loading
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel High
CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset High
GHSA-vx74-f528-fxqg was published for github.com/nghttp2/nghttp2 (Go) Oct 10, 2023
opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metrics High
CVE-2023-43810 was published for opentelemetry-instrumentation (pip) Oct 2, 2023
programmer04
Chaijs/get-func-name vulnerable to ReDoS High
CVE-2023-43646 was published for get-func-name (npm) Sep 27, 2023
GAP-dev keithamus
Undertow vulnerable to denial of service High
CVE-2023-3223 was published for io.undertow:undertow-parent (Maven) Sep 27, 2023
Tungstenite allows remote attackers to cause a denial of service High
CVE-2023-43669 was published for tungstenite (Rust) Sep 21, 2023
bayandin tsal
Go-Ethereum vulnerable to denial of service via malicious p2p message High
CVE-2023-40591 was published for github.com/ethereum/go-ethereum (Go) Sep 6, 2023
webpki: CPU denial of service in certificate path building High
GHSA-8qv2-5vq6-g2g7 was published for webpki (Rust) Aug 25, 2023
nipunn1313 phil-opp
libp2p nodes vulnerable to OOM attack High
CVE-2023-40583 was published for github.com/libp2p/go-libp2p (Go) Aug 24, 2023
marten-seemann
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
webui-aria2 Path Traversal vulnerability High
CVE-2023-39141 was published for webui-aria2 (npm) Aug 22, 2023
JafarAkhondali
rustls-webpki: CPU denial of service in certificate path building High
GHSA-fh2r-99q2-6mmg was published for rustls-webpki (Rust) Aug 22, 2023
Marcono1234
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
Denial of service in jackson-dataformats-text High
CVE-2023-3894 was published for com.fasterxml.jackson.dataformat:jackson-dataformats-text (Maven) Aug 8, 2023
Mochis
goproxy Denial of Service vulnerability High
CVE-2023-37788 was published for github.com/elazarl/goproxy (Go) Jul 18, 2023
avro vulnerable to denial of service via attacker-controlled parameter High
CVE-2023-37475 was published for github.com/hamba/avro (Go) Jul 17, 2023
AdamKorcz
mx-chain-go's relayed transactions always increment nonce High
CVE-2023-34458 was published for github.com/multiversx/mx-chain-go (Go) Jul 13, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Coraza has potential denial of service vulnerability High
CVE-2023-40586 was published for github.com/corazawaf/coraza/v2 (Go) Jun 26, 2023
rmb122
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
org.nokogiri:nekohtml vulnerable to Uncontrolled Resource Consumption High
CVE-2022-24839 was published for org.nokogiri:nekohtml (Maven) Jun 22, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
jjson vulnerable to stack exhaustion High
CVE-2023-35110 was published for de.grobmeier.json:jjson (Maven) Jun 14, 2023
hjson stack exhaustion vulnerability High
CVE-2023-34620 was published for org.hjson:hjson (Maven) Jun 14, 2023
JSONUtil vulnerable to stack exhaustion High
CVE-2023-34615 was published for net.pwall.json:jsonutil (Maven) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database