GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
947 advisories
rustls-webpki: CPU denial of service in certificate path building
High
GHSA-fh2r-99q2-6mmg
was published
for
rustls-webpki
(Rust)
Aug 22, 2023
SUCHMOKUO node-worker-threads-pool denial of service Vulnerability
Moderate
CVE-2021-29057
was published
for
node-worker-threads-pool
(npm)
Aug 11, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38180
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm64
(NuGet)
Aug 9, 2023
Denial of service in jackson-dataformat-toml
High
CVE-2023-3894
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformat-toml
(Maven)
Aug 8, 2023
Denial of service from large image
Low
CVE-2023-37900
was published
for
github.com/crossplane/crossplane
(Go)
Jul 28, 2023
Fides Webserver Vulnerable to SVG Bomb File Uploads
Low
CVE-2023-37481
was published
for
ethyca-fides
(pip)
Jul 18, 2023
Fides Webserver Vulnerable to Zip Bomb File Uploads
Low
CVE-2023-37480
was published
for
ethyca-fides
(pip)
Jul 18, 2023
avro vulnerable to denial of service via attacker-controlled parameter
High
CVE-2023-37475
was published
for
github.com/hamba/avro
(Go)
Jul 17, 2023
Coraza has potential denial of service vulnerability
High
CVE-2023-40586
was published
for
github.com/corazawaf/coraza/v2
(Go)
Jun 26, 2023
FastAsyncWorldEdit vulnerable to Uncontrolled Resource Consumption
Moderate
CVE-2023-35925
was published
for
com.fastasyncworldedit:FastAsyncWorldEdit-Bukkit
(Maven)
Jun 22, 2023
netty-handler SniHandler 16MB allocation
Moderate
CVE-2023-34462
was published
for
io.netty:netty-handler
(Maven)
Jun 20, 2023
json-io vulnerable to stack exhaustion
High
CVE-2023-34610
was published
for
com.cedarsoftware:json-io
(Maven)
Jun 14, 2023
ProTip!
Advisories are also available from the
GraphQL API