Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

423 advisories

Loading
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024
Denial of Service in Connect2id Nimbus JOSE+JWT High
CVE-2023-52428 was published for com.nimbusds:nimbus-jose-jwt (Maven) Feb 11, 2024
ebickle
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2023-5289 was published for rdiffweb (pip) Sep 29, 2023
rdiffweb has no rate limit on resend email feature High
CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
pyftpdlib vulnerable to allocation of resources without limits High
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
Security Update for the OPC UA .NET Standard Stack High
GHSA-qm9f-c3v9-wphv was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 18, 2024
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
Starlette Denial of service (DoS) via multipart/form-data High
CVE-2024-47874 was published for starlette (pip) Oct 15, 2024
defnull
Plone is vulnerable to denial of service High
CVE-2012-5499 was published for Plone (pip) May 17, 2022
Pillow Denial of Service vulnerability High
CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
ProTip! Advisories are also available from the GraphQL API