GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
49 advisories
Filter by severity
Uncontrolled Memory Consumption in Django
High
CVE-2019-6975
was published
for
Django
(pip)
Feb 12, 2019
Django Denial-of-service by filling session store
High
CVE-2015-5143
was published
for
Django
(pip)
Jul 5, 2019
DOS attack in Pillow when processing specially crafted image files
High
CVE-2019-16865
was published
for
pillow
(pip)
Oct 22, 2019
Denial of service in tensorflow-lite
Moderate
CVE-2020-15213
was published
for
tensorflow
(pip)
Sep 25, 2020
Denial of service attack via .well-known lookups
Moderate
CVE-2021-21274
was published
for
matrix-synapse
(pip)
Mar 1, 2021
Sydent vulnerable to denial of service attack via memory exhaustion
High
CVE-2021-29430
was published
for
matrix-sydent
(pip)
Apr 19, 2021
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732
was published
for
tensorflow
(pip)
Feb 10, 2022
Twisted SSH client and server deny of service during SSH handshake.
High
CVE-2022-21716
was published
for
twisted
(pip)
Mar 3, 2022
Allocation of Resources Without Limits or Throttling in nvflare
High
CVE-2022-21822
was published
for
nvflare
(pip)
Mar 18, 2022
pyftpdlib vulnerable to allocation of resources without limits
Moderate
CVE-2007-6740
was published
for
pyftpdlib
(pip)
May 1, 2022
Django Denial-of-service possibility with strip_tags
High
CVE-2015-2316
was published
for
Django
(pip)
May 14, 2022
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
Django
(pip)
May 17, 2022
priority vulnerable to denial of service
Moderate
CVE-2016-6580
was published
for
priority
(pip)
May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField
High
CVE-2015-0222
was published
for
Django
(pip)
May 17, 2022
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical
CVE-2019-15753
was published
for
os-vif
(pip)
May 24, 2022
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340
was published
for
nfstream
(pip)
May 24, 2022
Uncontrolled Resource Consumption in asyncua and opcua
High
CVE-2022-25304
was published
for
asyncua
(pip)
Aug 24, 2022
rdiffweb vulnerable to potential DoS via memory consumption
High
CVE-2022-3298
was published
for
rdiffweb
(pip)
Sep 27, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS
High
CVE-2022-3295
was published
for
rdiffweb
(pip)
Sep 27, 2022
rdiffweb's unlimited length Fullname field can lead to DoS
Moderate
CVE-2022-3364
was published
for
rdiffweb
(pip)
Sep 30, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption
High
CVE-2022-3371
was published
for
rdiffweb
(pip)
Oct 1, 2022
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
High
CVE-2022-3273
was published
for
rdiffweb
(pip)
Oct 6, 2022
ProTip!
Advisories are also available from the
GraphQL API