Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

947 advisories

Loading
tkvideo has a memory issue in playing videos Moderate
CVE-2022-24902 was published for tkvideoplayer (pip) May 3, 2022
Uncontrolled Resource Consumption in pyftpdlib Moderate
CVE-2009-5013 was published for pyftpdlib (pip) May 2, 2022
Django Regex Algorithmic Complexity Causes Denial of Service High
CVE-2009-3695 was published for Django (pip) May 2, 2022
Apache Tomcat Denial of Service via Malformed Request Headers Moderate
CVE-2009-0033 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
WEBrick Denial of Service Vulnerability High
CVE-2008-4310 was published for webrick (RubyGems) May 2, 2022
Django vulnerable to Denial of Service via i18n middleware component High
CVE-2007-5712 was published for Django (pip) May 1, 2022
MarkLee131
Credited to MarkLee131
Trac reStructuredText breach of privacy and denial of service vulnerability High
CVE-2006-3695 was published for trac (pip) May 1, 2022
Apache Tomcat DoS Via Requests Including Null Characters Moderate
CVE-2002-0935 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Zope Server vulnerable to DoS via header injection Moderate
CVE-2002-0687 was published for zope (pip) Apr 30, 2022
Apache James Denial of Service Moderate
CVE-2004-2650 was published for org.apache.james:james-server (Maven) Apr 29, 2022
Jetty HTTP Server Denial of Service vulnerability Moderate
CVE-2004-2381 was published for org.mortbay.jetty:jetty (Maven) Apr 29, 2022
Apache Tomcat Denial of Service vulnerability in the Catalina package Moderate
CVE-2003-0866 was published for org.apache.tomcat:tomcat (Maven) Apr 29, 2022
Jakarta Tomcat Denial of Service vulnerability Moderate
CVE-2003-0045 was published for org.apache.tomcat:tomcat (Maven) Apr 29, 2022
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser High
CVE-2022-29546 was published for net.sourceforge.htmlunit:neko-htmlunit (Maven) Apr 26, 2022
kurt-r2c
Credited to kurt-r2c
Denial of Service in http-swagger High
CVE-2022-24863 was published for github.com/swaggo/http-swagger (Go) Apr 22, 2022
Denial of service in Spring Security OAuth2 Moderate
CVE-2022-22969 was published for org.springframework.security.oauth:spring-security-oauth2 (Maven) Apr 22, 2022
ebickle SunBK201
Credited to ebickle and SunBK201
Resource exhaustion in Mattermost Moderate
CVE-2022-1337 was published for github.com/mattermost/mattermost-server/v6 (Go) Apr 14, 2022
Denial of service Moderate
CVE-2019-16764 was published for pow_assent (Erlang) Apr 12, 2022
Denial of Service (DoS) in Nokogiri on JRuby High
GHSA-gx8x-g87m-h5q6 was published for nokogiri (RubyGems) Apr 11, 2022
Nokogiri Inefficient Regular Expression Complexity High
CVE-2022-24836 was published for nokogiri (RubyGems) Apr 11, 2022
ooooooo-q
Credited to ooooooo-q
Unsafe parsing in SWHKD Moderate
CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Credited to J3rry-1729
Uncontrolled Resource Consumption in Matrix Synapse Moderate
CVE-2022-41952 was published for matrix-synapse (pip) Apr 1, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler High
CVE-2022-25598 was published for apache-dolphinscheduler (Maven) Mar 31, 2022
RESTEasy 4.5.5.Final in hash flooding High
CVE-2020-14326 was published for org.jboss.resteasy:resteasy-bom (Maven) Mar 18, 2022
Uncontrolled Resource Consumption in jboss-remoting High
CVE-2020-35510 was published for org.jboss.remoting:jboss-remoting (Maven) Mar 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database