GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

260 advisories

Uncontrolled resource consumption in nokogiri Moderate
CVE-2017-18258 was published for nokogiri (RubyGems) Apr 13, 2018
Denial of Service vulnerability with large JSON payloads in fastify High
CVE-2018-3711 was published for fastify (npm) Jul 18, 2018
RDIL
Regular Expression Denial of Service in sshpk High
CVE-2018-3737 was published for sshpk (npm) Aug 15, 2018
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation High
CVE-2018-1274 was published for org.springframework.data:spring-data-commons (Maven) Oct 17, 2018
MarkLee131
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10094 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika Moderate
CVE-2019-10093 was published for org.apache.tika:tika-parsers (Maven) Aug 6, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10088 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Out-of-Memory Error in Bouncy Castle Crypto High
CVE-2019-17359 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2019
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
Potential DOS attack due to unrestricted attachment count in messages Moderate
CVE-2019-12406 was published for org.apache.cxf:apache-cxf (Maven) Nov 8, 2019
Denial of Service in Cryptacular High
CVE-2020-7226 was published for org.cryptacular:cryptacular (Maven) Jun 10, 2020
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Denial of Service in Google Guava Moderate
CVE-2018-10237 was published for com.google.guava:guava (Maven) Jun 15, 2020
Prototype Pollution in lodash High
CVE-2020-8203 was published for lodash (npm) Jul 15, 2020
mitchell-codecov jkmartindale
bengry greengeko tompazourek
The `size` option isn't honored after following a redirect in node-fetch Low
CVE-2020-15168 was published for node-fetch (npm) Sep 10, 2020
rynop tdunlap607
ziviseal
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
Unbounded connection acceptance leads to file handle exhaustion High
CVE-2021-21293 was published for org.http4s:blaze-core_2.11 (Maven) Feb 2, 2021
Unbounded connection acceptance in http4s-blaze-server High
CVE-2021-21294 was published for org.http4s:http4s-blaze-server_2.12 (Maven) Feb 2, 2021
Denial of service attack via .well-known lookups Moderate
CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021
mscherer
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
Allocation of Resources Without Limits or Throttling in Undertow High
CVE-2020-10705 was published for io.undertow:undertow-core (Maven) Apr 30, 2021