Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

499 advisories

Loading
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
webui-aria2 Path Traversal vulnerability High
CVE-2023-39141 was published for webui-aria2 (npm) Aug 22, 2023
JafarAkhondali
rustls-webpki: CPU denial of service in certificate path building High
GHSA-fh2r-99q2-6mmg was published for rustls-webpki (Rust) Aug 22, 2023
Marcono1234
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
Denial of service in jackson-dataformats-text High
CVE-2023-3894 was published for com.fasterxml.jackson.dataformat:jackson-dataformats-text (Maven) Aug 8, 2023
Mochis
goproxy Denial of Service vulnerability High
CVE-2023-37788 was published for github.com/elazarl/goproxy (Go) Jul 18, 2023
avro vulnerable to denial of service via attacker-controlled parameter High
CVE-2023-37475 was published for github.com/hamba/avro (Go) Jul 17, 2023
AdamKorcz
mx-chain-go's relayed transactions always increment nonce High
CVE-2023-34458 was published for github.com/multiversx/mx-chain-go (Go) Jul 13, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Coraza has potential denial of service vulnerability High
CVE-2023-40586 was published for github.com/corazawaf/coraza/v2 (Go) Jun 26, 2023
rmb122
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
org.nokogiri:nekohtml vulnerable to Uncontrolled Resource Consumption High
CVE-2022-24839 was published for org.nokogiri:nekohtml (Maven) Jun 22, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
jjson vulnerable to stack exhaustion High
CVE-2023-35110 was published for de.grobmeier.json:jjson (Maven) Jun 14, 2023
hjson stack exhaustion vulnerability High
CVE-2023-34620 was published for org.hjson:hjson (Maven) Jun 14, 2023
JSONUtil vulnerable to stack exhaustion High
CVE-2023-34615 was published for net.pwall.json:jsonutil (Maven) Jun 14, 2023
pbjson vulnerable to stack exhaustion High
CVE-2023-34616 was published for com.progsbase.libraries:JSON (Maven) Jun 14, 2023
genson vulnerable to stack exhaustion High
CVE-2023-34617 was published for com.owlike:genson (Maven) Jun 14, 2023
json-io vulnerable to stack exhaustion High
CVE-2023-34610 was published for com.cedarsoftware:json-io (Maven) Jun 14, 2023
aantonel-sysdig
jsonij vulnerable to stack exhaustion High
CVE-2023-34614 was published for cc.plural:jsonij (Maven) Jun 14, 2023
ph-json vulnerable to stack exhaustion High
CVE-2023-34612 was published for com.helger.commons:ph-json (Maven) Jun 14, 2023
sojo vulnerable to stack exhaustion High
CVE-2023-34613 was published for net.sf.sojo:sojo (Maven) Jun 14, 2023
htmlcleaner vulnerable to stack exhaustion High
CVE-2023-34624 was published for net.sourceforge.htmlcleaner:htmlcleaner (Maven) Jun 14, 2023
onmyquest
Spring Boot Welcome Page Denial of Service High
CVE-2023-20883 was published for org.springframework.boot:spring-boot-autoconfigure (Maven) May 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database