GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,362
Erlang
33
GitHub Actions
22
Go
2,131
Maven
5,000+
npm
3,795
NuGet
686
pip
3,473
Pub
12
RubyGems
896
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
1,065 advisories
Filter by severity
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732
was published
for
tensorflow
(pip)
Feb 10, 2022
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation...
Moderate
Unreviewed
CVE-2024-31152
was published
Oct 30, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46891
was published
Nov 12, 2024
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
Moderate
CVE-2023-6681
was published
for
jwcrypto
(pip)
Dec 28, 2023
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Moderate
CVE-2024-8184
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 14, 2024
Abort caused by allocating a vector that is too large in Tensorflow
Moderate
CVE-2022-23580
was published
for
tensorflow
(pip)
Feb 7, 2022
Undertow Denial of Service vulnerability
Moderate
CVE-2023-1973
was published
for
io.undertow:undertow-core
(Maven)
Nov 7, 2024
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC...
Moderate
Unreviewed
CVE-2023-42670
was published
Nov 3, 2023
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
mapshaper Path Traversal vulnerability
Moderate
CVE-2024-1163
was published
for
mapshaper
(npm)
Feb 13, 2024
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain
(pip)
Jun 6, 2024
Gnark out-of-memory during deserialization with crafted inputs
Moderate
CVE-2024-50354
was published
for
github.com/consensys/gnark
(Go)
Oct 31, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow...
Moderate
Unreviewed
CVE-2024-20526
was published
Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to...
Moderate
Unreviewed
CVE-2024-50311
was published
Oct 22, 2024
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters
Moderate
CVE-2024-45230
was published
for
Django
(pip)
Oct 8, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow...
Moderate
Unreviewed
CVE-2023-6450
was published
Jan 19, 2024
Bref's Uploaded Files Not Deleted in Event-Driven Functions
Moderate
CVE-2024-24752
was published
for
bref/bref
(Composer)
Feb 1, 2024
The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27...
Moderate
Unreviewed
CVE-2022-40306
was published
Sep 16, 2022
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or...
Moderate
Unreviewed
CVE-2024-3508
was published
Apr 25, 2024
Plone Authenticated Denial of Service vulnerability
Moderate
CVE-2013-4188
was published
for
plone
(pip)
May 17, 2022
Eclipse Jetty has a denial of service vulnerability on DosFilter
Moderate
CVE-2024-9823
was published
for
org.eclipse.jetty.ee10:jetty-ee10-servlets
(Maven)
Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-45736
was published
Oct 14, 2024
Uncontrolled Resource Consumption in pyftpdlib
Moderate
CVE-2009-5013
was published
for
pyftpdlib
(pip)
May 2, 2022
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request...
Moderate
Unreviewed
CVE-2023-45802
was published
Oct 23, 2023
ProTip!
Advisories are also available from the
GraphQL API