GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,311 advisories
Denial of service in Jenkins Core
[Moderate] CVE-2023-27900 was published for org.jenkins-ci.main:jenkins-core (Maven) on Mar 10, 2023
Denial of service in Jenkins Core
[High] CVE-2023-27901 was published for org.jenkins-ci.main:jenkins-core (Maven) on Mar 10, 2023
Rack has possible DoS Vulnerability in Multipart MIME parsing
[High] CVE-2023-27530 was published for rack (RubyGems) on Mar 8, 2023
A denial of service is possible from excessive resource consumption in net/http and mime...
[High] [Unreviewed] CVE-2022-41725 was published on Feb 28, 2023
notation-go has excessive memory allocation on verification
[High] CVE-2023-25656 was published for github.com/notaryproject/notation-go (Go) on Feb 22, 2023
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method...
[High] [Unreviewed] CVE-2022-31394 was published on Feb 21, 2023
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification...
[High] [Unreviewed] CVE-2023-26249 was published on Feb 21, 2023
Apache Commons FileUpload denial of service vulnerability
[High] CVE-2023-24998 was published for commons-fileupload:commons-fileupload (Maven) on Feb 20, 2023
An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End...
[Moderate] [Unreviewed] CVE-2023-24785 was published on Feb 17, 2023
Uncontrolled Resource Consumption in golang.org/x/image
[Moderate] CVE-2022-41727 was published for golang.org/x/image (Go) on Feb 17, 2023
OCI image importer memory exhaustion in github.com/containerd/containerd
[Moderate] CVE-2023-25153 was published for github.com/containerd/containerd (Go) on Feb 16, 2023
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
[Critical] [Unreviewed] CVE-2023-0568 was published on Feb 16, 2023
Denial of service vulnerability on Password reset page
[High] CVE-2023-25171 was published for kiwitcms (pip) on Feb 15, 2023
Denial of service vulnerability when parsing multipart request body
[High] CVE-2023-25578 was published for starlite (pip) on Feb 15, 2023
High resource usage when parsing multipart form data with many fields
[High] CVE-2023-25577 was published for Werkzeug (pip) on Feb 15, 2023
Denial of service due to unlimited number of parts
[High] CVE-2023-25576 was published for @fastify/multipart (npm) on Feb 14, 2023
Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non...
[High] [Unreviewed] CVE-2022-40513 was published on Feb 12, 2023
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via...
[High] [Unreviewed] CVE-2023-25193 was published on Feb 4, 2023
Django contains Uncontrolled Resource Consumption via cached header
[High] CVE-2023-23969 was published for django (pip) on Feb 1, 2023
In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x...
[High] [Unreviewed] CVE-2023-22323 was published on Feb 1, 2023
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4...
[High] [Unreviewed] CVE-2023-23846 was published on Feb 1, 2023
In multiple functions of AutomaticZenRule.java, there is a possible failure to persist...
[High] [Unreviewed] CVE-2022-20490 was published on Jan 26, 2023
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions...
[High] [Unreviewed] CVE-2022-20489 was published on Jan 26, 2023
In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions...
[High] [Unreviewed] CVE-2022-20456 was published on Jan 26, 2023
In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource...
[Moderate] [Unreviewed] CVE-2022-20494 was published on Jan 26, 2023