Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,037 advisories

Loading
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with... Moderate Unreviewed
CVE-2011-3348 was published May 13, 2022
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP... Moderate Unreviewed
CVE-2014-0118 was published May 13, 2022
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than... High Unreviewed
CVE-2018-1333 was published May 13, 2022
An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware... High Unreviewed
CVE-2017-9627 was published May 13, 2022
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem.... Moderate Unreviewed
CVE-2019-3874 was published May 13, 2022
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0109 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0110 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack High
CVE-2017-7670 was published for github.com/apache/trafficcontrol (Go) May 13, 2022
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote... High Unreviewed
CVE-2016-4570 was published May 13, 2022
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote... High Unreviewed
CVE-2016-4571 was published May 13, 2022
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the... High Unreviewed
CVE-2018-10607 was published May 13, 2022
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to... Moderate Unreviewed
CVE-2018-17189 was published May 13, 2022
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in... High Unreviewed
CVE-2014-3687 was published May 13, 2022
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high... High Unreviewed
CVE-2011-2189 was published May 13, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of... Critical Unreviewed
CVE-2019-9750 was published May 13, 2022
Apache Geronimo Hash Collisions Cause DoS High
CVE-2011-5034 was published for org.apache.geronimo:geronimo (Maven) May 13, 2022
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the... Moderate Unreviewed
CVE-2012-0876 was published May 13, 2022
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network... High Unreviewed
CVE-2018-1000115 was published May 13, 2022
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to... Moderate Unreviewed
CVE-2016-5403 was published May 13, 2022
Uncontrolled Resource Consumption in Apache Commons Compress Moderate
CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) May 13, 2022
MarkLee131
Credited to MarkLee131
An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker... High Unreviewed
CVE-2017-5544 was published May 13, 2022
A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP... Moderate Unreviewed
CVE-2018-0063 was published May 13, 2022
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated... Moderate Unreviewed
CVE-2018-14660 was published May 13, 2022
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service... Moderate Unreviewed
CVE-2018-14659 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database