GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
509 advisories
TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus...
High, Unreviewed. CVE-2023-30636 was published on Apr 14, 2023.
Spring Framework vulnerable to denial of service
High. CVE-2023-20863 was published for org.springframework:spring-expression (Maven) on Apr 13, 2023.
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ...
High, Unreviewed. CVE-2022-43768 was published on Apr 11, 2023.
An issue found in DUALSPACE Super Security v.2.3.7 allows an attacker to cause a denial of...
High, Unreviewed. CVE-2023-27191 was published on Apr 11, 2023.
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs...
High, Unreviewed. CVE-2023-24536 was published on Apr 6, 2023.
GraphQL Java vulnerable to stack consumption
High. CVE-2023-28867 was published for com.graphql-java:graphql-java (Maven) on Mar 27, 2023.
crewjam/saml vulnerable to Denial Of Service Via Deflate Decompression Bomb
High. CVE-2023-28119 was published for github.com/crewjam/saml (Go) on Mar 22, 2023.
x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple...
High, Unreviewed. CVE-2022-42333 was published on Mar 21, 2023.
DDOS attack on graphql endpoints
High. CVE-2023-28104 was published for silverstripe/graphql (Composer) on Mar 16, 2023.
Denial of service in Jenkins Core
High. CVE-2023-27901 was published for org.jenkins-ci.main:jenkins-core (Maven) on Mar 10, 2023.
Rack has possible DoS Vulnerability in Multipart MIME parsing
High. CVE-2023-27530 was published for rack (RubyGems) on Mar 8, 2023.
A denial of service is possible from excessive resource consumption in net/http and mime...
High, Unreviewed. CVE-2022-41725 was published on Feb 28, 2023.
notation-go has excessive memory allocation on verification
High. CVE-2023-25656 was published for github.com/notaryproject/notation-go (Go) on Feb 22, 2023.
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method...
High, Unreviewed. CVE-2022-31394 was published on Feb 21, 2023.
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification...
High, Unreviewed. CVE-2023-26249 was published on Feb 21, 2023.
Apache Commons FileUpload denial of service vulnerability
High. CVE-2023-24998 was published for commons-fileupload:commons-fileupload (Maven) on Feb 20, 2023.
Denial of service vulnerability on Password reset page
High. CVE-2023-25171 was published for kiwitcms (pip) on Feb 15, 2023.
Denial of service vulnerability when parsing multipart request body
High. CVE-2023-25578 was published for starlite (pip) on Feb 15, 2023.
High resource usage when parsing multipart form data with many fields
High. CVE-2023-25577 was published for Werkzeug (pip) on Feb 15, 2023.
Denial of service due to unlimited number of parts
High. CVE-2023-25576 was published for @fastify/multipart (npm) on Feb 14, 2023.
Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non...
High, Unreviewed. CVE-2022-40513 was published on Feb 12, 2023.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via...
High, Unreviewed. CVE-2023-25193 was published on Feb 4, 2023.
Django contains Uncontrolled Resource Consumption via cached header
High. CVE-2023-23969 was published for django (pip) on Feb 1, 2023.
In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x...
High, Unreviewed. CVE-2023-22323 was published on Feb 1, 2023.
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4...
High, Unreviewed. CVE-2023-23846 was published on Feb 1, 2023.