GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

271 advisories

Unbounded connection acceptance leads to file handle exhaustion High
CVE-2021-21293 was published for org.http4s:blaze-core_2.11 (Maven) Feb 2, 2021
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
The `size` option isn't honored after following a redirect in node-fetch Low
CVE-2020-15168 was published for node-fetch (npm) Sep 10, 2020
Prototype Pollution in lodash High
CVE-2020-8203 was published for lodash (npm) Jul 15, 2020
Denial of Service in Google Guava Moderate
CVE-2018-10237 was published for com.google.guava:guava (Maven) Jun 15, 2020
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Denial of Service in Cryptacular High
CVE-2020-7226 was published for org.cryptacular:cryptacular (Maven) Jun 10, 2020
Potential DOS attack due to unrestricted attachment count in messages Moderate
CVE-2019-12406 was published for org.apache.cxf:apache-cxf (Maven) Nov 8, 2019
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
Out-of-Memory Error in Bouncy Castle Crypto High
CVE-2019-17359 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10088 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika Moderate
CVE-2019-10093 was published for org.apache.tika:tika-parsers (Maven) Aug 6, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10094 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation High
CVE-2018-1274 was published for org.springframework.data:spring-data-commons (Maven) Oct 17, 2018
Regular Expression Denial of Service in sshpk High
CVE-2018-3737 was published for sshpk (npm) Aug 15, 2018
Denial of Service vulnerability with large JSON payloads in fastify High
CVE-2018-3711 was published for fastify (npm) Jul 18, 2018
Uncontrolled resource consumption in nokogiri Moderate
CVE-2017-18258 was published for nokogiri (RubyGems) Apr 13, 2018