GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
20 advisories
Filter by severity
Excessive memory allocation
Moderate
CVE-2018-12541
was published
for
io.vertx:vertx-core
(Maven)
Oct 17, 2018
Uncontrolled Memory Allocation in Apache PDFBox
Moderate
CVE-2021-27906
was published
for
org.apache.pdfbox:pdfbox
(Maven)
May 13, 2021
Denial of service in Tendermint
Low
CVE-2020-5303
was published
for
github.com/tendermint/tendermint
(Go)
May 27, 2021
Uncontrolled memory consumption
Moderate
CVE-2021-31811
was published
for
org.apache.pdfbox:pdfbox
(Maven)
Jun 15, 2021
Memory over-allocation in evm-core
Moderate
GHSA-773q-5334-5gf9
was published
for
evm-core
(Rust)
Aug 25, 2021
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
Moderate
CVE-2020-8551
was published
for
k8s.io/kubernetes
(Go)
Feb 15, 2022
Kubernetes API Server DoS Via API Requests
Moderate
CVE-2020-8552
was published
for
k8s.io/apiserver
(Go)
Feb 15, 2022
Symfony Denial of Service Via Long Password Hashing
Moderate
CVE-2013-5958
was published
for
symfony/polyfill
(Composer)
May 17, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Binary vulnerable to Slice Memory Allocation with Excessive Size Value
High
CVE-2022-36078
was published
for
github.com/gagliardetto/binary
(Go)
Sep 16, 2022
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
High
CVE-2022-34917
was published
for
org.apache.kafka:kafka
(Maven)
Sep 21, 2022
docconv vulnerable to Memory Allocation with Excessive Size Value
Moderate
CVE-2022-4741
was published
for
code.sajari.com/docconv
(Go)
Dec 25, 2022
vyper vulnerable to storage allocator overflow
High
CVE-2023-30837
was published
for
vyper
(pip)
May 5, 2023
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High
CVE-2023-37279
was published
for
github.com/contribsys/faktory
(Go)
Sep 20, 2023
Undertow vulnerable to denial of service
High
CVE-2023-3223
was published
for
io.undertow:undertow-parent
(Maven)
Sep 27, 2023
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames
High
GHSA-w8gf-g2vq-j2f4
was published
for
amphp/http-client
(Composer)
Apr 3, 2024
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
Moderate
CVE-2024-32035
was published
for
SixLabors.ImageSharp
(NuGet)
Apr 15, 2024
@grpc/grpc-js can allocate memory for incoming messages well above configured limits
Moderate
CVE-2024-37168
was published
for
@grpc/grpc-js
(npm)
Jun 10, 2024
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Moderate
CVE-2024-41132
was published
for
SixLabors.ImageSharp
(NuGet)
Jul 22, 2024
ProTip!
Advisories are also available from the
GraphQL API