Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

131 advisories

Loading
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024
Denial of Service in Connect2id Nimbus JOSE+JWT High
CVE-2023-52428 was published for com.nimbusds:nimbus-jose-jwt (Maven) Feb 11, 2024
ebickle
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2023-5289 was published for rdiffweb (pip) Sep 29, 2023
rdiffweb has no rate limit on resend email feature High
CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
pyftpdlib vulnerable to allocation of resources without limits High
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
Security Update for the OPC UA .NET Standard Stack High
GHSA-qm9f-c3v9-wphv was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 18, 2024
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
Starlette Denial of service (DoS) via multipart/form-data High
CVE-2024-47874 was published for starlette (pip) Oct 15, 2024
defnull
Plone is vulnerable to denial of service High
CVE-2012-5499 was published for Plone (pip) May 17, 2022
Pillow Denial of Service vulnerability High
CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module High
CVE-2023-36814 was published for Products.CMFCore (pip) Jul 5, 2023
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
async-graphql Directive Overload High
CVE-2024-47614 was published for async-graphql (Rust) Oct 3, 2024
MindPatch
Liferay Portal denial of service (memory consumption) High
CVE-2024-25143 was published for com.liferay.portal:release.portal.bom (Maven) Feb 7, 2024
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
Django potential denial of service vulnerability in UsernameField on Windows High
CVE-2023-46695 was published for Django (pip) Nov 2, 2023
Django contains Uncontrolled Resource Consumption via cached header High
CVE-2023-23969 was published for django (pip) Feb 1, 2023
MarkLee131
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
MarkLee131
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database