Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Litestar allows unbounded resource consumption (DoS vulnerability) High
CVE-2024-52581 was published for litestar (pip) Nov 20, 2024
defnull
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
Starlette Denial of service (DoS) via multipart/form-data High
CVE-2024-47874 was published for starlette (pip) Oct 15, 2024
defnull
freewvs vulnerable to denial of service through large files Low
CVE-2020-15100 was published for freewvs (pip) Aug 30, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service Critical
CVE-2024-32874 was published for frigate (pip) May 9, 2024
Sim4n6
Synapse V2 state resolution weakness allows Denial of Service (DoS) Moderate
CVE-2024-31208 was published for matrix-synapse (pip) Apr 23, 2024
alexeyshch
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function Moderate
CVE-2024-28102 was published for jwcrypto (pip) Mar 6, 2024
P3ngu1nW
Django denial-of-service attack in the intcomma template filter High
CVE-2024-24680 was published for Django (pip) Feb 7, 2024
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability Moderate
CVE-2023-42504 was published for apache-superset (pip) Nov 28, 2023
Pillow Denial of Service vulnerability High
CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
Django potential denial of service vulnerability in UsernameField on Windows High
CVE-2023-46695 was published for Django (pip) Nov 2, 2023
matrix-synapse vulnerable to denial of service due to malicious server ACL events Moderate
CVE-2023-45129 was published for matrix-synapse (pip) Oct 10, 2023
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2023-5289 was published for rdiffweb (pip) Sep 29, 2023
plone.rest vulnerable to Denial of Service when ++api++ is used many times Moderate
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2023-4138 was published for rdiffweb (pip) Aug 3, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module High
CVE-2023-36814 was published for Products.CMFCore (pip) Jul 5, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
Denial of service vulnerability on Password reset page High
CVE-2023-25171 was published for kiwitcms (pip) Feb 15, 2023
mosaa404
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database