Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

947 advisories

Loading
Apache Tika vulnerable to uncontrolled memory consumption Moderate
CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption High
CVE-2015-5162 was published for cinder (pip) May 14, 2022
phpMyAdmin Denial Of Service (DOS) attack High
CVE-2016-5706 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
decsecre583
Credited to decsecre583
Django denial of service via file upload naming High
CVE-2014-0481 was published for Django (pip) May 14, 2022
Apache Tomcat Denial of Service vulnerability Moderate
CVE-2013-4322 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Credited to sunSUNQ
Integer Overflow or Wraparound in Apache Tomcat Moderate
CVE-2014-0075 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Credited to sunSUNQ
Uncontrolled Resource Consumption in Apache Tomcat High
CVE-2014-0230 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Credited to sunSUNQ
RubyGems Regular Expression Denial of Service vulnerability Moderate
CVE-2013-4287 was published for rubygems-update (RubyGems) May 14, 2022
Puppet Denial of Service and Arbitrary File Write Low
CVE-2012-1987 was published for puppet (RubyGems) May 14, 2022
Apache OpenMeetings vulnerable to Uncontrolled Resource Consumption High
CVE-2017-7684 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
OpenStack Nova DoS by rebuilding the same instance with a new image multiple times High
CVE-2017-17051 was published for nova (pip) May 13, 2022
JBossWS vulnerable to uncontrolled recursion Low
CVE-2011-1483 was published for org.jboss.ws:jbossws-common (Maven) May 13, 2022
Red Hat Wildfly DoS High
CVE-2016-9589 was published for org.wildfly:wildfly-undertow (Maven) May 13, 2022
Uncontrolled Resource Consumption in Undertow Moderate
CVE-2018-1114 was published for io.undertow:undertow-core (Maven) May 13, 2022
Command Injection in VIVO Vitro High
CVE-2019-6986 was published for org.vivoweb:vitro-project (Maven) May 13, 2022
Uncontrolled Resource Consumption in Artemis and HornetQ High
CVE-2017-12174 was published for org.apache.activemq:artemis-native (Maven) May 13, 2022
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0109 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Uncontrolled Resource Consumption in Apache CXF Moderate
CVE-2014-0110 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack High
CVE-2017-7670 was published for github.com/apache/trafficcontrol (Go) May 13, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
Apache Geronimo Hash Collisions Cause DoS High
CVE-2011-5034 was published for org.apache.geronimo:geronimo (Maven) May 13, 2022
Uncontrolled Resource Consumption in Apache Commons Compress Moderate
CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) May 13, 2022
MarkLee131
Credited to MarkLee131
Apache Tomcat EncryptInterceptor error leads to Uncontrolled Resource Consumption High
CVE-2022-29885 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Django is vulnerable to Denial of Service attack in formset Moderate
CVE-2013-0306 was published for Django (pip) May 5, 2022
Denial of Service in Apache POI Moderate
CVE-2012-0213 was published for org.apache.poi:poi (Maven) May 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database