Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,167
Maven
5,000+
npm
3,830
NuGet
696
pip
3,508
Pub
12
RubyGems
910
Rust
906
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,045 advisories

Loading
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability Moderate
CVE-2023-42504 was published for apache-superset (pip) Nov 28, 2023
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file Moderate
CVE-2024-26308 was published for org.apache.commons:commons-compress (Maven) Feb 19, 2024
oscerd astashys
Apache Struts vulnerable to memory exhaustion High
CVE-2023-34396 was published for org.apache.struts:struts2-core (Maven) Jun 14, 2023
Apache Struts vulnerable to memory exhaustion Moderate
CVE-2023-34149 was published for org.apache.struts:struts2-core (Maven) Jun 14, 2023
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
Apache Commons FileUpload denial of service vulnerability High
CVE-2023-24998 was published for commons-fileupload:commons-fileupload (Maven) Feb 20, 2023
sunSUNQ westonsteimel
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution... Critical Unreviewed
CVE-2023-0568 was published Feb 16, 2023
CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could... High Unreviewed
CVE-2025-1059 was published Feb 13, 2025
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs... High Unreviewed
CVE-2023-24536 was published Apr 6, 2023
A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6... Moderate Unreviewed
CVE-2024-12379 was published Feb 12, 2025
Possible DoS by memory exhaustion in net-imap Moderate
CVE-2025-25186 was published for net-imap (RubyGems) Feb 10, 2025
manunio
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024
Aten PE8108 2.4.232 is vulnerable to denial of service (DOS). Moderate Unreviewed
CVE-2023-25414 was published Apr 11, 2023
An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of... High Unreviewed
CVE-2023-27191 was published Apr 11, 2023
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS... Moderate Unreviewed
CVE-2024-54658 was published Feb 10, 2025
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before... High Unreviewed
CVE-2018-15472 was published Apr 16, 2023
An issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause... High Unreviewed
CVE-2023-27643 was published Apr 14, 2023
An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service... High Unreviewed
CVE-2023-27653 was published Apr 14, 2023
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology... Moderate Unreviewed
CVE-2024-57672 was published Feb 6, 2025
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology... Moderate Unreviewed
CVE-2024-57673 was published Feb 6, 2025
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it... High Unreviewed
CVE-2024-12705 was published Jan 30, 2025
TiKV 6.1.2 allows remote attackers to cause a denial of service (fatal error, with RpcStatus... High Unreviewed
CVE-2023-30636 was published Apr 14, 2023
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2025-1072 was published Feb 7, 2025
Withdrawn Advisory: github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read Moderate
GHSA-29qp-crvh-w22m was published for github.com/hashicorp/yamux (Go) Jan 29, 2025 withdrawn
finnigja
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database