GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
Django denial-of-service in django.utils.html.strip_tags()
Moderate
CVE-2024-53907
was published
for
Django
(pip)
Dec 6, 2024
Synapse allows unsupported content types to lead to memory exhaustion
High
CVE-2024-52805
was published
for
matrix-synapse
(pip)
Dec 3, 2024
Synapse denial of service through media disk space consumption
High
CVE-2024-37302
was published
for
matrix-synapse
(pip)
Dec 3, 2024
Denial of service (DoS) via deformation `multipart/form-data` boundary
High
CVE-2024-53981
was published
for
python-multipart
(pip)
Dec 2, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
Missing ratelimit on passwrod resets in zenml
Moderate
CVE-2024-4311
was published
for
zenml
(pip)
Nov 14, 2024
Starlette Denial of service (DoS) via multipart/form-data
High
CVE-2024-47874
was published
for
starlette
(pip)
Oct 15, 2024
freewvs vulnerable to denial of service through large files
Low
CVE-2020-15100
was published
for
freewvs
(pip)
Aug 30, 2024
Django vulnerable to Denial of Service
High
CVE-2024-38875
was published
for
Django
(pip)
Jul 10, 2024
Django vulnerable to Denial of Service
High
CVE-2024-39614
was published
for
Django
(pip)
Jul 10, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate
CVE-2024-31208
was published
for
matrix-synapse
(pip)
Apr 23, 2024
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function
Moderate
CVE-2024-28102
was published
for
jwcrypto
(pip)
Mar 6, 2024
Django denial-of-service attack in the intcomma template filter
High
CVE-2024-24680
was published
for
Django
(pip)
Feb 7, 2024
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
Moderate
CVE-2023-42504
was published
for
apache-superset
(pip)
Nov 28, 2023
Pillow Denial of Service vulnerability
High
CVE-2023-44271
was published
for
pillow
(pip)
Nov 3, 2023
Django potential denial of service vulnerability in UsernameField on Windows
High
CVE-2023-46695
was published
for
Django
(pip)
Nov 2, 2023
matrix-synapse vulnerable to denial of service due to malicious server ACL events
Moderate
CVE-2023-45129
was published
for
matrix-synapse
(pip)
Oct 10, 2023
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability
High
CVE-2023-5289
was published
for
rdiffweb
(pip)
Sep 29, 2023
plone.rest vulnerable to Denial of Service when ++api++ is used many times
Moderate
CVE-2023-42457
was published
for
plone.rest
(pip)
Sep 21, 2023
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35139
was published
for
ryu
(pip)
Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35141
was published
for
ryu
(pip)
Aug 11, 2023
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling
Moderate
CVE-2023-4138
was published
for
rdiffweb
(pip)
Aug 3, 2023
ProTip!
Advisories are also available from the
GraphQL API