Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

38 advisories

Loading
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
pyftpdlib vulnerable to allocation of resources without limits High
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
MarkLee131
OpenStack Glance Denial of service by creating a large number of images High
CVE-2015-1881 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images High
CVE-2014-9684 was published for glance (pip) May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
Plone is vulnerable to denial of service High
CVE-2012-5499 was published for Plone (pip) May 17, 2022
OpenStack Nova VMWare driver leaks rescued images High
CVE-2014-2573 was published for nova (pip) May 17, 2022
Uncontrolled Resource Consumption in asyncua and opcua High
CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
GoetzGoerisch tdunlap607
rdiffweb vulnerable to potential DoS via memory consumption High
CVE-2022-3298 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
rdiffweb has no rate limit on resend email feature High
CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022
Django contains Uncontrolled Resource Consumption via cached header High
CVE-2023-23969 was published for django (pip) Feb 1, 2023
MarkLee131
High resource usage when parsing multipart form data with many fields High
CVE-2023-25577 was published for Werkzeug (pip) Feb 15, 2023
das7pad
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
Denial of service vulnerability on Password reset page High
CVE-2023-25171 was published for kiwitcms (pip) Feb 15, 2023
mosaa404
ProTip! Advisories are also available from the GraphQL API