Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,426 advisories

Loading
zstd vulnerable to buffer overrun High
CVE-2022-4899 was published for github.com/facebook/zstd (pip) Mar 31, 2023
High resource usage when parsing multipart form data with many fields High
CVE-2023-25577 was published for Werkzeug (pip) Feb 15, 2023
das7pad
websockets is vulnerable to denial of service by memory exhaustion High
CVE-2018-1000518 was published for websockets (pip) Sep 17, 2018
ericwb
Traefik vulnerable to potential DDoS via ACME HTTPChallenge Moderate
CVE-2023-47124 was published for github.com/traefik/traefik/v2 (Go) Dec 5, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
Catastrophic backtracking in regex allows Denial of Service in Waitress Moderate
CVE-2020-5236 was published for waitress (pip) Feb 4, 2020
VTK NULL pointer dereference vulnerability High
CVE-2021-42521 was published for vtk (pip) Aug 26, 2022
Catastrophic backtracking in URL authority parser when passed URL containing many @ characters High
CVE-2021-33503 was published for urllib3 (pip) Jun 1, 2021
NariyoshiChida ap-wtioit
Client Denial of Service on TUF Moderate
CVE-2020-6173 was published for tuf (pip) Aug 21, 2020
Uncontrolled Resource Consumption in urllib3 High
CVE-2020-7212 was published for urllib3 (pip) Apr 30, 2021
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
Trac reStructuredText breach of privacy and denial of service vulnerability High
CVE-2006-3695 was published for trac (pip) May 1, 2022
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue... Moderate Unreviewed
CVE-2023-39180 was published Nov 18, 2024
CosmWasm wasmd has large address count in ValidateBasic Moderate
GHSA-m3rh-cvr5-x6q4 was published for github.com/CosmWasm/wasmd (Go) Aug 8, 2024
sushiwushi
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources High
GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
Directus GraphQL Field Duplication Denial of Service (DoS) High
CVE-2024-39895 was published for @directus/env (npm) Jul 8, 2024
asantof
Mattermost vulnerable to denial of service via large number of emoji reactions High
CVE-2024-1402 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 9, 2024
c0rydoras
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Moderate Unreviewed
CVE-2023-44321 was published Nov 14, 2023
Django Denial-of-service in django.utils.text.Truncator High
CVE-2023-43665 was published for Django (pip) Nov 3, 2023
ReDoS issue in dparse High
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected... High Unreviewed
CVE-2017-2681 was published May 13, 2022
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of... High Unreviewed
CVE-2017-2680 was published May 13, 2022
Django vulnerable to Denial of Service via i18n middleware component High
CVE-2007-5712 was published for Django (pip) May 1, 2022
MarkLee131
Potential Denial-of-Service in bindata Moderate
CVE-2021-32823 was published for bindata (RubyGems) Jun 23, 2021
Uncontrolled Resource Consumption in Indy Node Critical
CVE-2020-11090 was published for indy-node (pip) Jun 11, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database