Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

103 advisories

Loading
Mattermost fails to limit the number of role names Moderate
CVE-2024-1953 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost Server doesn't limit the number of user preferences Moderate
CVE-2024-28949 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
Django denial-of-service in django.utils.html.strip_tags() Moderate
CVE-2024-53907 was published for Django (pip) Dec 6, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
gqlparser denial of service vulnerability via the parserDirectives function Moderate
CVE-2023-49559 was published for github.com/vektah/gqlparser (Go) Jun 12, 2024
Missing rate limit on rdiffweb Moderate
CVE-2022-3456 was published for rdiffweb (pip) Oct 14, 2022
Searching Opencast may cause a denial of service Moderate
CVE-2024-52797 was published for org.opencastproject:opencast-elasticsearch-impl (Maven) Nov 20, 2024
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks Moderate
CVE-2024-8184 was published for org.eclipse.jetty:jetty-server (Maven) Oct 14, 2024
HRsGIT
Wildfly vulnerable to denial of service Moderate
CVE-2024-4029 was published for org.wildfly:wildfly-domain-http (Maven) May 2, 2024
Mattermost Server vulnerable to application crash from attacker-generated large response Moderate
CVE-2024-47401 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
Security Update for the OPC UA .NET Standard Stack Moderate
CVE-2024-45526 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 18, 2024
Bref's Uploaded Files Not Deleted in Event-Driven Functions Moderate
CVE-2024-24752 was published for bref/bref (Composer) Feb 1, 2024
smaury mnapoli
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch Moderate
CVE-2024-41128 was published for actionpack (RubyGems) Oct 15, 2024
plone.rest vulnerable to Denial of Service when ++api++ is used many times Moderate
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
SUCHMOKUO node-worker-threads-pool denial of service Vulnerability Moderate
CVE-2021-29057 was published for node-worker-threads-pool (npm) Aug 11, 2023
nalandial
Liferay Portal vulnerable to Denial of Service Moderate
CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024
Denial of service attack via .well-known lookups Moderate
CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021
mscherer
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
matrix-synapse vulnerable to denial of service due to malicious server ACL events Moderate
CVE-2023-45129 was published for matrix-synapse (pip) Oct 10, 2023
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API