Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
Werkzeug possible resource exhaustion when parsing file data in forms Moderate
CVE-2024-49767 was published for quart (pip) Oct 25, 2024
defnull
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder Moderate
CVE-2024-25112 was published for exiv2 (pip) Oct 17, 2024
westonsteimel
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters Moderate
CVE-2024-45230 was published for Django (pip) Oct 8, 2024
vLLM Denial of Service via the best_of parameter Moderate
CVE-2024-8939 was published for vllm (pip) Sep 17, 2024
Django memory consumption vulnerability Moderate
CVE-2024-41989 was published for Django (pip) Aug 7, 2024
zipp Denial of Service vulnerability Moderate
CVE-2024-5569 was published for zipp (pip) Jul 9, 2024
Improper line feed handling in zenml Moderate
CVE-2024-4460 was published for zenml (pip) Jun 24, 2024
Denial of service in langchain-community Moderate
CVE-2024-2965 was published for langchain (pip) Jun 6, 2024
eyurtsev efriis
Duplicate Advisory: Apache Superset uncontrolled resource consumption Moderate
CVE-2024-23952 was published for apache-superset (pip) May 30, 2024 withdrawn
python-jose denial of service via compressed JWE content Moderate
CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024
garyd203
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode Moderate
CVE-2024-3651 was published for idna (pip) Apr 11, 2024
guidovranken
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value Moderate
CVE-2023-6681 was published for jwcrypto (pip) Dec 28, 2023
Apache Superset uncontrolled resource consumption Moderate
CVE-2023-46104 was published for apache-superset (pip) Dec 19, 2023
Ethereum ABI decoder DoS when parsing ZST Moderate
GHSA-rqr8-pxh7-cq3g was published for eth-abi (pip) Nov 24, 2023
maxammann
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri Moderate
CVE-2023-41164 was published for django (pip) Nov 3, 2023
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning Moderate
CVE-2023-46136 was published for werkzeug (pip) Oct 25, 2023
psrok1 davidism
plone.rest vulnerable to Denial of Service when ++api++ is used many times Moderate
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
Denial of service in neutron Moderate
CVE-2023-3637 was published for neutron (pip) Jul 25, 2023
Withdrawn: scipy memory leak vulnerability Moderate
CVE-2023-25399 was published for scipy (pip) Jul 5, 2023 withdrawn
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
openstack-neutron uncontrolled resource consumption flaw Moderate
CVE-2022-3277 was published for neutron (pip) Mar 7, 2023
Denial of service in `tf.ragged.constant` due to lack of validation Moderate
CVE-2022-29202 was published for tensorflow (pip) May 24, 2022
Plone Authenticated Denial of Service vulnerability Moderate
CVE-2013-4188 was published for plone (pip) May 17, 2022
OpenStack Image Service (Glance) allows remote authenticated users to bypass storage quota, cause denial of service Moderate
CVE-2015-5286 was published for glance (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database