GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

947 advisories

MoinMoin Denial of Service vulnerability via password_checker function High
CVE-2008-6549 was published for moin (pip) May 17, 2022
Zope Denial of Service (DoS) vulnerability in ZServer High
CVE-2010-3198 was published for Zope (pip) May 17, 2022
Ejabberd DoS via malformed stanza Moderate
CVE-2011-4320 was published for ejabberd (Erlang) May 17, 2022
Apache Sling POST Servlets Denial of Service Vulnerability Moderate
CVE-2012-2138 was published for org.apache.sling:org.apache.sling.servlets.post (Maven) May 17, 2022
Django Image Field Vulnerable to Image Decompression Bombs High
CVE-2012-3443 was published for Django (pip) May 17, 2022
FriendsOfSymfony FOSUserBundle denial of service via login form Moderate
CVE-2013-5750 was published for friendsofsymfony/user-bundle (Composer) May 17, 2022
Rack Gem Subject to Denial of Service via Hash Collisions Moderate
CVE-2011-5036 was published for org.jruby:jruby-parent (RubyGems) May 17, 2022
Django Denial of Service Vulnerability in the authentication framework High
CVE-2013-1443 was published for Django (pip) May 17, 2022
Plone Authenticated Denial of Service vulnerability Moderate
CVE-2013-4188 was published for plone (pip) May 17, 2022
Plone Denial of Service vulnerability via decompressing large zip archives Low
CVE-2013-4199 was published for plone (pip) May 17, 2022
Ignite Realtime Openfire vulnerable to XMPPbomb attack High
CVE-2014-2741 was published for org.igniterealtime.openfire:parent (Maven) May 17, 2022
Plone DoS via Crafted URL High
CVE-2012-5496 was published for plone (pip) May 17, 2022
Plone denial of service via RSS Feed Request High
CVE-2012-5506 was published for plone (pip) May 17, 2022
JRuby denial of service via Hash Collision Moderate
CVE-2012-5370 was published for org.jruby:jruby-parent (Maven) May 17, 2022
Plone denial of service via Caching Bypass High
CVE-2012-5498 was published for Plone (pip) May 17, 2022
Apache ActiveMQ default configuration subject to denial of service Moderate
CVE-2012-6551 was published for org.apache.activemq:activemq-web-demo (Maven) May 17, 2022
Credited to sunSUNQ
PHP OpenID Library Denial of Service vulnerability High
CVE-2013-4701 was published for openid/php-openid (Composer) May 17, 2022
Ruby vulnerable to denial of service Moderate
CVE-2013-1821 was published for org.jruby:jruby (Maven) May 17, 2022
Django DoS in django.views.static.serve High
CVE-2015-0221 was published for Django (pip) May 17, 2022
Credited to sunSUNQ
ws-xmlrpc DoS Vulnerability Moderate
CVE-2016-5004 was published for org.apache.xmlrpc:xmlrpc-common (Maven) May 17, 2022
Scrapy denial of service vulnerability High
CVE-2017-14158 was published for scrapy (pip) May 17, 2022
Credited to jhutchings1, G-Rath, ayatweb, and Matthew-Grayson
Designate mDNS DoS through incorrect handling of large RecordSets High
CVE-2015-5695 was published for designate (pip) May 17, 2022
Django ReDoS in validators.URLValidator High
CVE-2015-5145 was published for Django (pip) May 17, 2022
SaltStack Salt Denial of Service via a crafted authentication request High
CVE-2017-14696 was published for salt (pip) May 17, 2022