GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
49 advisories
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint
Moderate
GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip) on May 19, 2021
Uncontrolled Resource Consumption in pillow
Moderate
GHSA-jgpv-4h4c-xhw3 was published for pillow (pip) on Apr 23, 2021
Uncontrolled Resource Consumption in pyftpdlib
Moderate
CVE-2009-5013 was published for pyftpdlib (pip) on May 2, 2022
Denial of service attack via .well-known lookups
Moderate
CVE-2021-21274 was published for matrix-synapse (pip) on Mar 1, 2021
tkvideo has a memory issue in playing videos
Moderate
CVE-2022-24902 was published for tkvideoplayer (pip) on May 3, 2022
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21733 was published for tensorflow (pip) on Feb 10, 2022
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732 was published for tensorflow (pip) on Feb 10, 2022
OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service
Moderate
CVE-2015-5286 was published for glance (pip) on May 17, 2022
MultipartParser denial of service with too many fields or files
Moderate
GHSA-74m5-2c7w-9w3x was published for starlette (pip) on Feb 14, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate
CVE-2023-28837 was published for wagtail (pip) on Apr 3, 2023
Uncontrolled Resource Consumption in Matrix Synapse
Moderate
CVE-2022-41952 was published for matrix-synapse (pip) on Apr 1, 2022
Abort caused by allocating a vector that is too large in Tensorflow
Moderate
CVE-2022-23580 was published for tensorflow (pip) on Feb 7, 2022
Denial of service in `tf.ragged.constant` due to lack of validation
Moderate
CVE-2022-29202 was published for tensorflow (pip) on May 24, 2022
PyKMIP Denial of service vulnerability
Moderate
CVE-2018-1000872 was published for pykmip (pip) on Dec 21, 2018
Plone Authenticated Denial of Service vulnerability
Moderate
CVE-2013-4188 was published for plone (pip) on May 17, 2022
Plone denial of service via Caching Bypass
Moderate
CVE-2012-5498 was published for plone (pip) on May 17, 2022
Plone denial of service via RSS Feed Request
Moderate
CVE-2012-5506 was published for plone (pip) on May 17, 2022
Catastrophic backtracking in regex allows Denial of Service in Waitress
Moderate
CVE-2020-5236 was published for waitress (pip) on Feb 4, 2020
Synapse Denial of service due to incorrect application of event authorization rules during state resolution
Moderate
CVE-2022-39374 was published for matrix-synapse (pip) on May 24, 2023
Ethereum ABI decoder DoS when parsing ZST
Moderate
GHSA-rqr8-pxh7-cq3g was published for eth-abi (pip) on Nov 24, 2023
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
Moderate
CVE-2023-46136 was published for werkzeug (pip) on Oct 25, 2023
MoinMoin Denial of Service vulnerability via password_checker function
Moderate
CVE-2008-6549 was published for moin (pip) on May 17, 2022