GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,404 advisories
Filter by severity
Werkzeug possible resource exhaustion when parsing file data in forms
Moderate
CVE-2024-49767
was published
for
quart
(pip)
Oct 25, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
kangax html-minifier REDoS vulnerability
High
CVE-2022-37620
was published
for
html-minifier
(npm)
Oct 31, 2022
mapshaper Path Traversal vulnerability
Moderate
CVE-2024-1163
was published
for
mapshaper
(npm)
Feb 13, 2024
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain
(pip)
Jun 6, 2024
Gnark out-of-memory during deserialization with crafted inputs
Moderate
CVE-2024-50354
was published
for
github.com/consensys/gnark
(Go)
Oct 31, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow...
Moderate
Unreviewed
CVE-2024-20526
was published
Oct 23, 2024
Denial of Service in Connect2id Nimbus JOSE+JWT
High
CVE-2023-52428
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Feb 11, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to...
Moderate
Unreviewed
CVE-2024-50311
was published
Oct 22, 2024
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters
Moderate
CVE-2024-45230
was published
for
Django
(pip)
Oct 8, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ...
High
Unreviewed
CVE-2024-7807
was published
Oct 29, 2024
MultipartParser denial of service with too many fields or files
High
CVE-2023-30798
was published
for
starlette
(pip)
Feb 14, 2023
Duplicate Advisory: Starlette allows an unauthenticated and remote attacker to specify any number of form fields or files
High
GHSA-3qj8-93xh-pwh2
was published
for
starlette
(pip)
Apr 21, 2023
•
withdrawn
Denial of service vulnerability when parsing multipart request body
High
CVE-2023-25578
was published
for
starlite
(pip)
Feb 15, 2023
SystemDS CPU exhaustion vulnerability
High
CVE-2022-26477
was published
for
org.apache.systemds:systemds
(Maven)
Jun 28, 2022
StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)
High
CVE-2021-32839
was published
for
sqlparse
(pip)
Sep 10, 2021
Remarshal expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack
High
CVE-2023-47163
was published
for
remarshal
(pip)
Nov 13, 2023
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this...
High
Unreviewed
CVE-2023-52098
was published
Jan 16, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco...
High
Unreviewed
CVE-2024-20351
was published
Oct 23, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
PyKMIP Denial of service vulnerability
High
CVE-2018-1000872
was published
for
pykmip
(pip)
Dec 21, 2018
Denial of service in http-proxy-middleware
High
CVE-2024-21536
was published
for
http-proxy-middleware
(npm)
Oct 19, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack...
High
Unreviewed
CVE-2024-6959
was published
Oct 13, 2024
SaltStack Salt Denial of Service via a crafted authentication request
High
CVE-2017-14696
was published
for
salt
(pip)
May 17, 2022
Memory leaks in code encrypting and verifying RSA payloads
High
CVE-2024-1394
was published
for
github.com/golang-fips/go
(Go)
Mar 20, 2024
ProTip!
Advisories are also available from the
GraphQL API