GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
43 advisories
Filter by severity
Werkzeug possible resource exhaustion when parsing file data in forms
Moderate
CVE-2024-49767
was published
for
Quart
(pip)
Oct 25, 2024
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
Moderate
CVE-2023-46136
was published
for
werkzeug
(pip)
Oct 25, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate
CVE-2023-28837
was published
for
wagtail
(pip)
Apr 3, 2023
Catastrophic backtracking in regex allows Denial of Service in Waitress
Moderate
CVE-2020-5236
was published
for
waitress
(pip)
Feb 4, 2020
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21733
was published
for
tensorflow
(pip)
Feb 10, 2022
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21732
was published
for
tensorflow
(pip)
Feb 10, 2022
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value
Moderate
CVE-2023-6681
was published
for
jwcrypto
(pip)
Dec 28, 2023
Abort caused by allocating a vector that is too large in Tensorflow
Moderate
CVE-2022-23580
was published
for
tensorflow
(pip)
Feb 7, 2022
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain
(pip)
Jun 6, 2024
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters
Moderate
CVE-2024-45230
was published
for
Django
(pip)
Oct 8, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
Plone Authenticated Denial of Service vulnerability
Moderate
CVE-2013-4188
was published
for
plone
(pip)
May 17, 2022
Uncontrolled Resource Consumption in pyftpdlib
Moderate
CVE-2009-5013
was published
for
pyftpdlib
(pip)
May 2, 2022
plone.rest vulnerable to Denial of Service when ++api++ is used many times
Moderate
CVE-2023-42457
was published
for
plone.rest
(pip)
Sep 21, 2023
Regular Expression Denial of Service (ReDoS) in Pillow
Moderate
CVE-2021-25292
was published
for
Pillow
(pip)
Mar 29, 2021
Denial of service attack via push rule patterns in matrix-synapse
Moderate
CVE-2021-29471
was published
for
matrix-synapse
(pip)
May 13, 2021
Denial of service attack via .well-known lookups
Moderate
CVE-2021-21274
was published
for
matrix-synapse
(pip)
Mar 1, 2021
Regular Expression Denial of Service (ReDoS) in Jinja2
Moderate
CVE-2020-28493
was published
for
jinja2
(pip)
Mar 19, 2021
Sydent DoS (via resource exhaustion) due to improper input validation
Moderate
CVE-2021-29433
was published
for
matrix-sydent
(pip)
Apr 16, 2021
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet
Moderate
CVE-2021-21419
was published
for
eventlet
(pip)
May 7, 2021
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate
CVE-2023-41164
was published
for
django
(pip)
Nov 3, 2023
Django is vulnerable to Denial of Service attack in formset
Moderate
CVE-2013-0306
was published
for
Django
(pip)
May 5, 2022
vLLM Denial of Service via the best_of parameter
Moderate
CVE-2024-8939
was published
for
vllm
(pip)
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API