GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,181 advisories
An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS...
High | Unreviewed | CVE-2023-28451 was published Sep 18, 2024

Django DoS in django.views.static.serve
High | CVE-2015-0221 was published for Django (pip) May 17, 2022

Django ReDoS in validators.URLValidator
High | CVE-2015-5145 was published for Django (pip) May 17, 2022

Django Denial of Service Vulnerability in the authentication framework
High | CVE-2013-1443 was published for Django (pip) May 17, 2022

Django denial of service via file upload naming
High | CVE-2014-0481 was published for Django (pip) May 14, 2022

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7,...
High | Unreviewed | CVE-2024-44169 was published Sep 17, 2024

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High | Unreviewed | CVE-2024-44160 was published Sep 17, 2024

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High | Unreviewed | CVE-2024-40841 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High | Unreviewed | CVE-2024-27874 was published Sep 17, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High | Unreviewed | CVE-2023-21838 was published Jan 18, 2023

Django Image Field Vulnerable to Image Decompression Bombs
High | CVE-2012-3443 was published for Django (pip) May 17, 2022

Django Regex Algorithmic Complexity Causes Denial of Service
High | CVE-2009-3695 was published for Django (pip) May 2, 2022

Undertow Uncontrolled Resource Consumption Vulnerability
High | CVE-2024-1635 was published for io.undertow:undertow-core (Maven) Feb 20, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High | Unreviewed | CVE-2023-21964 was published Apr 18, 2023

An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC...
High | Unreviewed | CVE-2023-2992 was published Jun 26, 2023

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High | Unreviewed | CVE-2023-21996 was published Apr 18, 2023

go-ethereum vulnerable to denial of service via crafted GraphQL query
High | CVE-2023-42319 was published for github.com/ethereum/go-ethereum (Go) Oct 18, 2023

Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High | Unreviewed | CVE-2023-49224 was published Jun 7, 2024

Uncontrolled Resource Consumption in Jackson-databind
High | CVE-2022-42003 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 3, 2022

Regular Expression Denial of Service in CairoSVG
High | CVE-2021-21236 was published for CairoSVG (pip) Jan 6, 2021

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends...
High | Unreviewed | CVE-2024-23744 was published Jan 22, 2024

Apprise vulnerable to regex injection with IFTTT Plugin
High | CVE-2021-39229 was published for apprise (pip) Sep 20, 2021

Apache IoTDB subject to ReDOS with Java 8
High | CVE-2022-43766 was published for apache-iotdb (Maven) Oct 26, 2022

Apache Airflow denial of service vulnerability
High | CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023