GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
325 advisories
Django denial-of-service attack in the intcomma template filter
Moderate | CVE-2024-24680 was published for Django (pip) | Feb 7, 2024

Django denial of service via empty session record creation
Moderate | CVE-2015-5963 was published for Django (pip) | May 17, 2022

IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate | Unreviewed | CVE-2024-40680 was published | Sep 7, 2024

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma...
Moderate | Unreviewed | CVE-2024-45012 was published | Sep 11, 2024

In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible...
Moderate | Unreviewed | CVE-2024-45014 was published | Sep 11, 2024

DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks
Moderate | GHSA-crjg-w57m-rqqf was published for dnsjava:dnsjava (Maven) | Jul 22, 2024

SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Moderate | CVE-2024-41132 was published for SixLabors.ImageSharp (NuGet) | Jul 22, 2024

Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU...
Moderate | Unreviewed | CVE-2024-23184 was published | Sep 10, 2024

An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation...
Moderate | Unreviewed | CVE-2024-7734 was published | Sep 10, 2024

Miniscript allows stack consumption
Moderate | CVE-2024-44073 was published for miniscript (Rust) | Aug 19, 2024

OCI image importer memory exhaustion in github.com/containerd/containerd
Moderate | CVE-2023-25153 was published for github.com/containerd/containerd (Go) | Feb 16, 2023

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate | Unreviewed | CVE-2023-22819 was published | Feb 6, 2024

Vertx gRPC server does not limit the maximum message size
Moderate | CVE-2024-8391 was published for io.vertx:vertx-grpc-client (Maven) | Sep 4, 2024

priority vulnerable to denial of service
Moderate | CVE-2016-6580 was published for priority (pip) | May 17, 2022

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of...
Moderate | Unreviewed | CVE-2023-5371 was published | Oct 4, 2023

Denial of service in tensorflow-lite
Moderate | CVE-2020-15213 was published for tensorflow (pip) | Sep 25, 2020

A possibility of unwanted server memory consumption was detected through the obsolete...
Moderate | Unreviewed | CVE-2023-6117 was published | Nov 22, 2023

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate | Unreviewed | CVE-2023-6910 was published | Dec 20, 2023

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
Moderate | Unreviewed | CVE-2023-0382 was published | Apr 5, 2023

Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Moderate | CVE-2024-26308 was published for org.apache.commons:commons-compress (Maven) | Feb 19, 2024

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23...
Moderate | Unreviewed | CVE-2024-0563 was published | Feb 23, 2024

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service...
Moderate | Unreviewed | CVE-2024-41175 was published | Aug 27, 2024

Allocation of Resources Without Limits or Throttling in metadata-extractor
Moderate | CVE-2022-24614 was published for com.drewnoakes:metadata-extractor (Maven) | Feb 25, 2022