Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,374 advisories

Loading
Remarshal expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack High
CVE-2023-47163 was published for remarshal (pip) Nov 13, 2023
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco... High Unreviewed
CVE-2024-20351 was published Oct 23, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder Moderate
CVE-2024-25112 was published for exiv2 (pip) Oct 17, 2024
westonsteimel
PyKMIP Denial of service vulnerability High
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
Denial of service in http-proxy-middleware High
CVE-2024-21536 was published for http-proxy-middleware (npm) Oct 19, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-6959 was published Oct 13, 2024
SaltStack Salt Denial of Service via a crafted authentication request High
CVE-2017-14696 was published for salt (pip) May 17, 2022
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
Samly access control vulnerability Critical
CVE-2024-25718 was published for Samly (Erlang) Feb 11, 2024
py vulnerable to Regular Expression Denial of Service High
CVE-2020-29651 was published for py (pip) Apr 20, 2021
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow... Moderate Unreviewed
CVE-2023-6450 was published Jan 19, 2024
Plone Denial of Service vulnerability via decompressing large zip archives Low
CVE-2013-4199 was published for plone (pip) May 17, 2022
Bref's Uploaded Files Not Deleted in Event-Driven Functions Moderate
CVE-2024-24752 was published for bref/bref (Composer) Feb 1, 2024
smaury mnapoli
Undertow's url-encoded request path information can be broken on ajp-listener High
CVE-2024-6162 was published for io.undertow:undertow-core (Maven) Jun 20, 2024
fawind
The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27... Moderate Unreviewed
CVE-2022-40306 was published Sep 16, 2022
Podman vulnerable to memory-based denial of service High
CVE-2024-3056 was published for github.com/containers/podman (Go) Aug 2, 2024
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or... Moderate Unreviewed
CVE-2024-3508 was published Apr 25, 2024
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
Plone Authenticated Denial of Service vulnerability Moderate
CVE-2013-4188 was published for plone (pip) May 17, 2022
Uncontrolled Resource Consumption in Pillow High
CVE-2021-28677 was published for Pillow (pip) Jun 8, 2021
sunSUNQ
Plone denial of service via Caching Bypass High
CVE-2012-5498 was published for Plone (pip) May 17, 2022
Plone DoS via Crafted URL High
CVE-2012-5496 was published for plone (pip) May 17, 2022
Pillow Denial of Service vulnerability High
CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
Eclipse Jetty has a denial of service vulnerability on DosFilter Moderate
CVE-2024-9823 was published for org.eclipse.jetty.ee10:jetty-ee10-servlets (Maven) Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database