Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,229 advisories

Loading
Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843,... High Unreviewed
CVE-2022-21848 was published Jan 12, 2022
Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21848,... High Unreviewed
CVE-2022-21843 was published Jan 12, 2022
Stack overflow in TensorFlow High
CVE-2022-23591 was published for tensorflow (pip) Feb 9, 2022
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch... High Unreviewed
CVE-2024-48989 was published Nov 13, 2024
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to... High Unreviewed
CVE-2024-9409 was published Nov 13, 2024
Denial of Service attack on windows app using netty High
CVE-2024-47535 was published for io.netty:netty-common (Maven) Nov 12, 2024
Amossys-PGR
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10314 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10345 was published Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the... High Unreviewed
CVE-2024-10344 was published Nov 11, 2024
json-io vulnerable to stack exhaustion High
CVE-2023-34610 was published for com.cedarsoftware:json-io (Maven) Jun 14, 2023
aantonel-sysdig
Next.js Denial of Service (DoS) condition High
CVE-2024-39693 was published for next (npm) Jul 10, 2024
kangax html-minifier REDoS vulnerability High
CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
Denial of Service in Connect2id Nimbus JOSE+JWT High
CVE-2023-52428 was published for com.nimbusds:nimbus-jose-jwt (Maven) Feb 11, 2024
ebickle
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
MultipartParser denial of service with too many fields or files High
CVE-2023-30798 was published for starlette (pip) Feb 14, 2023
das7pad
Duplicate Advisory: Starlette allows an unauthenticated and remote attacker to specify any number of form fields or files High
GHSA-3qj8-93xh-pwh2 was published for starlette (pip) Apr 21, 2023 withdrawn
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
SystemDS CPU exhaustion vulnerability High
CVE-2022-26477 was published for org.apache.systemds:systemds (Maven) Jun 28, 2022
StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) High
CVE-2021-32839 was published for sqlparse (pip) Sep 10, 2021
erik-krogh
Remarshal expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack High
CVE-2023-47163 was published for remarshal (pip) Nov 13, 2023
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco... High Unreviewed
CVE-2024-20351 was published Oct 23, 2024
PyKMIP Denial of service vulnerability High
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
Denial of service in http-proxy-middleware High
CVE-2024-21536 was published for http-proxy-middleware (npm) Oct 19, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-6959 was published Oct 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database