GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
423 advisories
Filter by severity
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service (DoS) via a...
High
Unreviewed
CVE-2024-51428
was published
Nov 7, 2024
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API...
High
Unreviewed
CVE-2024-51557
was published
Nov 4, 2024
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability
High
CVE-2024-38286
was published
for
org.apache.tomcat:tomcat-util
(Maven)
Nov 7, 2024
An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a...
High
Unreviewed
CVE-2024-48809
was published
Nov 4, 2024
In the Linux kernel, the following vulnerability has been resolved:
f2fs: compress: fix to cover...
High
Unreviewed
CVE-2024-34027
was published
Jun 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: lantiq: fix memory...
High
Unreviewed
CVE-2021-47137
was published
Mar 25, 2024
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI...
High
Unreviewed
CVE-2024-22255
was published
Mar 5, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for...
High
Unreviewed
CVE-2024-34046
was published
Apr 30, 2024
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet...
High
Unreviewed
CVE-2023-38405
was published
Jul 17, 2023
Denial of Service in Connect2id Nimbus JOSE+JWT
High
CVE-2023-52428
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Feb 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ...
High
Unreviewed
CVE-2024-7807
was published
Oct 29, 2024
Denial of service vulnerability when parsing multipart request body
High
CVE-2023-25578
was published
for
starlite
(pip)
Feb 15, 2023
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability
High
CVE-2023-5289
was published
for
rdiffweb
(pip)
Sep 29, 2023
rdiffweb has no rate limit on resend email feature
High
CVE-2022-4723
was published
for
rdiffweb
(pip)
Dec 27, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption
High
CVE-2022-3371
was published
for
rdiffweb
(pip)
Oct 1, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS
High
CVE-2022-3295
was published
for
rdiffweb
(pip)
Sep 27, 2022
To keep its cache database efficient, `named` running as a recursive resolver occasionally...
High
Unreviewed
CVE-2023-6516
was published
Feb 13, 2024
pyftpdlib vulnerable to allocation of resources without limits
High
CVE-2007-6740
was published
for
pyftpdlib
(pip)
May 1, 2022
Security Update for the OPC UA .NET Standard Stack
High
GHSA-qm9f-c3v9-wphv
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 18, 2024
Rack has possible DoS Vulnerability in Multipart MIME parsing
High
CVE-2023-27530
was published
for
rack
(RubyGems)
Mar 8, 2023
Starlette Denial of service (DoS) via multipart/form-data
High
CVE-2024-47874
was published
for
starlette
(pip)
Oct 15, 2024
Plone is vulnerable to denial of service
High
CVE-2012-5499
was published
for
Plone
(pip)
May 17, 2022
Pillow Denial of Service vulnerability
High
CVE-2023-44271
was published
for
pillow
(pip)
Nov 3, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
High
CVE-2023-36814
was published
for
Products.CMFCore
(pip)
Jul 5, 2023
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management...
High
Unreviewed
CVE-2024-47508
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API