GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Denial of service in tensorflow-lite
Moderate
CVE-2020-15213
was published
for
tensorflow
(pip)
Sep 25, 2020
rdiffweb's unlimited length Fullname field can lead to DoS
Moderate
CVE-2022-3364
was published
for
rdiffweb
(pip)
Sep 30, 2022
plone.rest vulnerable to Denial of Service when ++api++ is used many times
Moderate
CVE-2023-42457
was published
for
plone.rest
(pip)
Sep 21, 2023
Denial of service attack via .well-known lookups
Moderate
CVE-2021-21274
was published
for
matrix-synapse
(pip)
Mar 1, 2021
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340
was published
for
nfstream
(pip)
May 24, 2022
matrix-synapse vulnerable to denial of service due to malicious server ACL events
Moderate
CVE-2023-45129
was published
for
matrix-synapse
(pip)
Oct 10, 2023
Django denial-of-service attack in the intcomma template filter
Moderate
CVE-2024-24680
was published
for
Django
(pip)
Feb 7, 2024
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
Django
(pip)
May 17, 2022
priority vulnerable to denial of service
Moderate
CVE-2016-6580
was published
for
priority
(pip)
May 17, 2022
Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate
CVE-2024-31208
was published
for
matrix-synapse
(pip)
Apr 23, 2024
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function
Moderate
CVE-2024-28102
was published
for
jwcrypto
(pip)
Mar 6, 2024
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
Moderate
CVE-2023-42504
was published
for
apache-superset
(pip)
Nov 28, 2023
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling
Moderate
CVE-2023-4138
was published
for
rdiffweb
(pip)
Aug 3, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate
CVE-2023-28837
was published
for
wagtail
(pip)
Apr 3, 2023
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732
was published
for
tensorflow
(pip)
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API