GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate
CVE-2023-28837
was published
for
wagtail
(pip)
Apr 3, 2023
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling
Moderate
CVE-2023-4138
was published
for
rdiffweb
(pip)
Aug 3, 2023
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
Moderate
CVE-2023-42504
was published
for
apache-superset
(pip)
Nov 28, 2023
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function
Moderate
CVE-2024-28102
was published
for
jwcrypto
(pip)
Mar 6, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate
CVE-2024-31208
was published
for
matrix-synapse
(pip)
Apr 23, 2024
priority vulnerable to denial of service
Moderate
CVE-2016-6580
was published
for
priority
(pip)
May 17, 2022
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
Django
(pip)
May 17, 2022
Django denial-of-service attack in the intcomma template filter
Moderate
CVE-2024-24680
was published
for
Django
(pip)
Feb 7, 2024
matrix-synapse vulnerable to denial of service due to malicious server ACL events
Moderate
CVE-2023-45129
was published
for
matrix-synapse
(pip)
Oct 10, 2023
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340
was published
for
nfstream
(pip)
May 24, 2022
Denial of service attack via .well-known lookups
Moderate
CVE-2021-21274
was published
for
matrix-synapse
(pip)
Mar 1, 2021
plone.rest vulnerable to Denial of Service when ++api++ is used many times
Moderate
CVE-2023-42457
was published
for
plone.rest
(pip)
Sep 21, 2023
rdiffweb's unlimited length Fullname field can lead to DoS
Moderate
CVE-2022-3364
was published
for
rdiffweb
(pip)
Sep 30, 2022
Denial of service in tensorflow-lite
Moderate
CVE-2020-15213
was published
for
tensorflow
(pip)
Sep 25, 2020
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732
was published
for
tensorflow
(pip)
Feb 10, 2022
Missing ratelimit on passwrod resets in zenml
Moderate
CVE-2024-4311
was published
for
zenml
(pip)
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API