Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations Low
GHSA-v7hc-87jc-qrrr was published for knative.dev/eventing-github (Go) Dec 6, 2023
RuoYi Uncontrolled Resource Consumption vulnerability Low
CVE-2023-3163 was published for com.ruoyi:ruoyi (Maven) Jun 8, 2023
Mattermost fails to properly validate a RegExp built off the server URL path, allowing an... Low Unreviewed
CVE-2023-5876 was published Nov 2, 2023
Fides Webserver Vulnerable to SVG Bomb File Uploads Low
CVE-2023-37481 was published for ethyca-fides (pip) Jul 18, 2023
daveqnet
Denial of service from large image Low
CVE-2023-37900 was published for github.com/crossplane/crossplane (Go) Jul 28, 2023
AdamKorcz DavidKorczynski
phisco
Fides Webserver Vulnerable to Zip Bomb File Uploads Low
CVE-2023-37480 was published for ethyca-fides (pip) Jul 18, 2023
daveqnet
A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and... Low Unreviewed
CVE-2022-4952 was published Jul 17, 2023
Denial of Service Vulnerability in Rack Content-Disposition parsing Low
CVE-2022-44571 was published for rack (RubyGems) Jan 18, 2023
Denial of service via multipart parsing in Rack Low
CVE-2022-44572 was published for rack (RubyGems) Jan 18, 2023
Regular Expression Denial of Service in jadedown Low
CVE-2016-10520 was published for jadedown (npm) Feb 18, 2019
Regular Expression Denial of Service (ReDoS) in jsx-slack Low
CVE-2021-43838 was published for jsx-slack (npm) Dec 17, 2021
hieki
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python... Low Unreviewed
CVE-2021-3737 was published May 24, 2022
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could... Low Unreviewed
CVE-2020-3504 was published May 24, 2022
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without... Low Unreviewed
CVE-2011-5056 was published May 13, 2022
Regular Expression Denial of Service (ReDoS) in braces Low
CVE-2018-1109 was published for braces (npm) Jan 6, 2022
Denial of service in fast-csv Low
CVE-2020-26256 was published for @fast-csv/parse (npm) Dec 8, 2020
Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a... Low Unreviewed
CVE-2002-1876 was published Apr 30, 2022
Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability... Low Unreviewed
CVE-2021-25227 was published May 24, 2022
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a... Low Unreviewed
CVE-2001-0666 was published Apr 30, 2022
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with... Low Unreviewed
CVE-2019-19922 was published May 24, 2022
There is a resource management errors vulnerability in Huawei P30. Local attackers construct... Low Unreviewed
CVE-2020-9203 was published May 24, 2022
hutool-json vulnerable to memory exhaustion Low
CVE-2022-45689 was published for cn.hutool:hutool-json (Maven) Dec 13, 2022
JBossWS vulnerable to uncontrolled recursion Low
CVE-2011-1483 was published for org.jboss.ws:jbossws-common (Maven) May 13, 2022
NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource... Low Unreviewed
CVE-2020-5961 was published May 24, 2022
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd)... Low Unreviewed
CVE-2020-10717 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database