GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,015
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
Bref's Uploaded Files Not Deleted in Event-Driven Functions
Moderate
CVE-2024-24752
was published
for
bref/bref
(Composer)
Feb 1, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-f3wf-q4fj-3gxf
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Denial of Service in Frontend Record Registration
High
GHSA-g585-crjf-vhwq
was published
for
typo3/cms
(Composer)
Jun 7, 2024
Flooding Server with Thumbnail files
High
CVE-2024-32871
was published
for
pimcore/pimcore
(Composer)
Jun 4, 2024
TYPO3 Denial of Service in Frontend Record Registration
High
GHSA-hjx5-v9xg-7h25
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 Denial of Service in Online Media Asset Handling
Moderate
GHSA-29m4-mx89-3mjg
was published
for
typo3/cms-core
(Composer)
May 30, 2024
Moodle denial-of-service risk in the draft files area
High
CVE-2021-32476
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
Moodle Client side denial of service via personal message
Moderate
CVE-2021-20185
was published
for
moodle/moodle
(Composer)
May 24, 2022
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames
High
GHSA-w8gf-g2vq-j2f4
was published
for
amphp/http-client
(Composer)
Apr 3, 2024
MediaWiki allows a denial of service
Moderate
CVE-2021-41800
was published
for
mediawiki/core
(Composer)
May 24, 2022
LibreNMS vulnerable to rate limiting bypass on login page
Moderate
CVE-2023-46745
was published
for
librenms/librenms
(Composer)
Nov 17, 2023
Froxlor vulnerable to Allocation of Resources Without Limits or Throttling
Moderate
CVE-2023-2666
was published
for
froxlor/froxlor
(Composer)
May 19, 2023
Wallabag vulnerable to Allocation of Resources Without Limits or Throttling
Moderate
CVE-2023-3566
was published
for
wallabag/wallabag
(Composer)
Jul 10, 2023
Denial of service from unlimited password lengths
Moderate
CVE-2023-38492
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Concrete CMS vulnerable to Uncontrolled Resource Consumption leading to DoS
Moderate
CVE-2022-43686
was published
for
concrete5/concrete5
(Composer)
Nov 15, 2022
DDOS attack on graphql endpoints
High
CVE-2023-28104
was published
for
silverstripe/graphql
(Composer)
Mar 16, 2023
Denial of service in direct_mail
Moderate
CVE-2020-12697
was published
for
directmailteam/direct-mail
(Composer)
May 24, 2021
TYPO3 CMS vulnerable to Denial of Service in Page Error Handling
Moderate
CVE-2022-36104
was published
for
typo3/cms
(Composer)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API