Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
Denial of service attack via .well-known lookups Moderate
CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021
mscherer
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
pyftpdlib vulnerable to allocation of resources without limits Moderate
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
MarkLee131
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
priority vulnerable to denial of service Moderate
CVE-2016-6580 was published for priority (pip) May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning Critical
CVE-2019-15753 was published for os-vif (pip) May 24, 2022
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
Uncontrolled Resource Consumption in asyncua and opcua High
CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
GoetzGoerisch tdunlap607
rdiffweb vulnerable to potential DoS via memory consumption High
CVE-2022-3298 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks High
CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022
Missing rate limit on rdiffweb Moderate
CVE-2022-3456 was published for rdiffweb (pip) Oct 14, 2022
Missing rate limit on rdiffweb Critical
CVE-2022-3439 was published for rdiffweb (pip) Oct 14, 2022
ProTip! Advisories are also available from the GraphQL API