GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,341 advisories
Filter by severity
Denial of Service Vulnerability in Action View
High
CVE-2019-5419
was published
for
actionview
(RubyGems)
Mar 13, 2019
DoS due to excessively large websocket message in ws
High
CVE-2016-10542
was published
for
ws
(npm)
Feb 18, 2019
Regular Expression Denial of Service in riot-compiler
High
CVE-2016-10527
was published
for
riot-compiler
(npm)
Feb 18, 2019
Denial of Service and Content Injection in i18n-node-angular
High
CVE-2016-10524
was published
for
i18n-node-angular
(npm)
Feb 18, 2019
Regular Expression Denial of Service in jshamcrest
High
CVE-2016-10521
was published
for
jshamcrest
(npm)
Feb 18, 2019
Denial of Service in mqtt-packet
High
CVE-2016-10523
was published
for
mqtt-packet
(npm)
Feb 18, 2019
Regular Expression Denial of Service in jadedown
Low
CVE-2016-10520
was published
for
jadedown
(npm)
Feb 18, 2019
Prototype Pollution in node.extend
Critical
CVE-2018-16491
was published
for
node.extend
(npm)
Feb 7, 2019
Prototype Pollution in just-extend
Critical
CVE-2018-16489
was published
for
just-extend
(npm)
Feb 7, 2019
Prototype Pollution in defaults-deep
Critical
CVE-2018-16486
was published
for
defaults-deep
(npm)
Feb 7, 2019
PyKMIP Denial of service vulnerability
Moderate
CVE-2018-1000872
was published
for
pykmip
(pip)
Dec 21, 2018
Rack vulnerable to Denial of Service
High
CVE-2018-16470
was published
for
rack
(RubyGems)
Nov 15, 2018
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields
High
CVE-2018-18853
was published
for
io.spray:spray-json_2.10
(Maven)
Nov 9, 2018
Uncontrolled Resource Consumption in spray-json
High
CVE-2018-18854
was published
for
io.spray:spray-json_2.10
(Maven)
Nov 9, 2018
Prototype Pollution in cached-path-relative
High
CVE-2018-16472
was published
for
cached-path-relative
(npm)
Nov 7, 2018
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12
High
CVE-2018-16131
was published
for
com.typesafe.akka:akka-http-core_2.11
(Maven)
Oct 22, 2018
Apache Qpid Broker-J vulnerable to Denial of Service (DoS) via uncontrolled resource consumption
High
CVE-2017-15701
was published
for
org.apache.qpid:qpid-broker
(Maven)
Oct 19, 2018
Keycloak vulnerable to uncontrolled resource consumption
High
CVE-2014-3651
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
In Apache PDFBox a carefully crafted PDF file can trigger an extremely long running computation
Moderate
CVE-2018-11797
was published
for
org.apache.pdfbox:pdfbox
(Maven)
Oct 17, 2018
Denial of Service via malformed accept-encoding header in hapi
High
CVE-2017-16013
was published
for
hapi
(npm)
Oct 9, 2018
ProTip!
Advisories are also available from the
GraphQL API