
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Missing ratelimit on password resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS) Moderate
CVE-2024-31208 was published for matrix-synapse (pip) Apr 23, 2024
alexeyshch
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function Moderate
CVE-2024-28102 was published for jwcrypto (pip) Mar 6, 2024
P3ngu1nW
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability Moderate
CVE-2023-42504 was published for apache-superset (pip) Nov 28, 2023
matrix-synapse vulnerable to denial of service due to malicious server ACL events Moderate
CVE-2023-45129 was published for matrix-synapse (pip) Oct 10, 2023
plone.rest vulnerable to Denial of Service when ++api++ is used many times Moderate
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2023-4138 was published for rdiffweb (pip) Aug 3, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
Missing rate limit on rdiffweb Moderate
CVE-2022-3456 was published for rdiffweb (pip) Oct 14, 2022
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
priority vulnerable to denial of service Moderate
CVE-2016-6580 was published for priority (pip) May 17, 2022
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Denial of service attack via .well-known lookups Moderate
CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021
mscherer
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020