GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
49 advisories
Filter by severity
vLLM Denial of Service via the best_of parameter
Moderate
CVE-2024-8939
was published
for
vllm
(pip)
Sep 17, 2024
Django memory consumption vulnerability
Moderate
CVE-2024-41989
was published
for
Django
(pip)
Aug 7, 2024
zipp Denial of Service vulnerability
Moderate
CVE-2024-5569
was published
for
zipp
(pip)
Jul 9, 2024
Improper line feed handling in zenml
Moderate
CVE-2024-4460
was published
for
zenml
(pip)
Jun 24, 2024
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain-community
(pip)
Jun 6, 2024
Duplicate Advisory: Apache Superset uncontrolled resource consumption
Moderate
CVE-2024-23952
was published
for
apache-superset
(pip)
May 30, 2024
•
withdrawn
python-jose denial of service via compressed JWE content
Moderate
CVE-2024-33664
was published
for
python-jose
(pip)
Apr 26, 2024
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode
Moderate
CVE-2024-3651
was published
for
idna
(pip)
Apr 11, 2024
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
Moderate
CVE-2023-6681
was published
for
jwcrypto
(pip)
Dec 28, 2023
Apache Superset uncontrolled resource consumption
Moderate
CVE-2023-46104
was published
for
apache-superset
(pip)
Dec 19, 2023
Ethereum ABI decoder DoS when parsing ZST
Moderate
GHSA-rqr8-pxh7-cq3g
was published
for
eth-abi
(pip)
Nov 24, 2023
Django Denial-of-service in django.utils.text.Truncator
Moderate
CVE-2023-43665
was published
for
Django
(pip)
Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate
CVE-2023-41164
was published
for
django
(pip)
Nov 3, 2023
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
Moderate
CVE-2023-46136
was published
for
werkzeug
(pip)
Oct 25, 2023
Withdrawn: scipy memory leak vulnerability
Moderate
CVE-2023-25399
was published
for
scipy
(pip)
Jul 5, 2023
•
withdrawn
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate
CVE-2023-28837
was published
for
wagtail
(pip)
Apr 3, 2023
openstack-neutron uncontrolled resource consumption flaw
Moderate
CVE-2022-3277
was published
for
neutron
(pip)
Mar 7, 2023
MultipartParser denial of service with too many fields or files
Moderate
GHSA-74m5-2c7w-9w3x
was published
for
starlette
(pip)
Feb 14, 2023
Denial of service in `tf.ragged.constant` due to lack of validation
Moderate
CVE-2022-29202
was published
for
tensorflow
(pip)
May 24, 2022
MoinMoin Denial of Service vulnerability via password_checker function
Moderate
CVE-2008-6549
was published
for
moin
(pip)
May 17, 2022
Zope Denial of Service (DoS) vulnerability in ZServer
Moderate
CVE-2010-3198
was published
for
Zope
(pip)
May 17, 2022
Plone Authenticated Denial of Service vulnerability
Moderate
CVE-2013-4188
was published
for
plone
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API