Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28 advisories

Loading
Django potential denial of service vulnerability in UsernameField on Windows High
CVE-2023-46695 was published for Django (pip) Nov 2, 2023
Django contains Uncontrolled Resource Consumption via cached header High
CVE-2023-23969 was published for django (pip) Feb 1, 2023
MarkLee131
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
MarkLee131
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
DOS attack in Pillow when processing specially crafted image files High
CVE-2019-16865 was published for pillow (pip) Oct 22, 2019
sunSUNQ
Pillow Denial of Service vulnerability High
CVE-2023-44271 was published for pillow (pip) Nov 3, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
plone.rest vulnerable to Denial of Service when ++api++ is used many times High
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2023-5289 was published for rdiffweb (pip) Sep 29, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module High
CVE-2023-36814 was published for Products.CMFCore (pip) Jul 5, 2023
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
High resource usage when parsing multipart form data with many fields High
CVE-2023-25577 was published for Werkzeug (pip) Feb 15, 2023
das7pad
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Uncontrolled Resource Consumption in asyncua and opcua High
CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
GoetzGoerisch tdunlap607
Denial of service vulnerability when parsing multipart request body High
CVE-2023-25578 was published for starlite (pip) Feb 15, 2023
das7pad
Denial of service vulnerability on Password reset page High
CVE-2023-25171 was published for kiwitcms (pip) Feb 15, 2023
mosaa404
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks High
CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
ProTip! Advisories are also available from the GraphQL API