GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions from 9.4 before 17.4.6, 17.5...
High
Unreviewed
CVE-2024-8233
was published
Dec 12, 2024
league/commonmark's quadratic complexity bugs may lead to a denial of service
High
GHSA-c2pc-g5qf-rfrf
was published
for
league/commonmark
(Composer)
Dec 9, 2024
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
Moderate
Unreviewed
CVE-2024-11828
was published
Nov 26, 2024
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior...
Moderate
Unreviewed
CVE-2024-8237
was published
Nov 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5...
Moderate
Unreviewed
CVE-2024-8177
was published
Nov 26, 2024
A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco ...
Moderate
Unreviewed
CVE-2020-3548
was published
Nov 18, 2024
Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability
High
CVE-2024-43485
was published
for
System.Text.Json
(NuGet)
Oct 8, 2024
Microsoft Security Advisory CVE-2024-43484 | .NET Denial of Service Vulnerability
High
CVE-2024-43484
was published
for
System.IO.Packaging
(NuGet)
Oct 8, 2024
Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability
High
CVE-2024-43483
was published
for
Microsoft.Extensions.Caching.Memory
(NuGet)
Oct 8, 2024
In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during...
Moderate
Unreviewed
CVE-2024-39702
was published
Jul 23, 2024
The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock...
Moderate
Unreviewed
CVE-2024-29916
was published
Mar 21, 2024
Inefficient Algorithmic Complexity in com.upokecenter:cbor
High
CVE-2024-23684
was published
for
com.upokecenter:cbor
(Maven)
Jan 19, 2024
Duplicate Advisory: Denial of service in CBOR library
High
GHSA-hf3r-vmrv-7w29
was published
for
PeterO.Cbor
(NuGet)
Jan 3, 2024
•
withdrawn
Several quadratic complexity bugs may lead to denial of service in Commonmarker
Moderate
GHSA-7vh7-fw88-wj87
was published
for
commonmarker
(RubyGems)
Aug 8, 2023
Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.
High
Unreviewed
CVE-2023-38285
was published
Jul 26, 2023
PyPDF2 quadratic runtime with malformed PDF missing xref marker
Moderate
CVE-2023-36810
was published
for
PyPDF2
(pip)
Jun 30, 2023
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This...
Moderate
Unreviewed
CVE-2023-2473
was published
May 2, 2023
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one...
High
Unreviewed
CVE-2022-45061
was published
Nov 9, 2022
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU...
High
Unreviewed
CVE-2019-19331
was published
May 24, 2022
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple...
Moderate
Unreviewed
CVE-2019-15955
was published
May 24, 2022
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4...
High
Unreviewed
CVE-2017-11343
was published
May 17, 2022
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity...
High
Unreviewed
CVE-2016-10396
was published
May 17, 2022
The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to...
High
Unreviewed
CVE-2018-12558
was published
May 14, 2022
Inefficient Algorithmic Complexity in Apache Santuario XML Security
Moderate
CVE-2013-2172
was published
for
org.apache.santuario:xmlsec
(Maven)
May 13, 2022
Denial of service in CBOR library
High
CVE-2024-21909
was published
for
PeterO.Cbor
(NuGet)
Jan 21, 2022
ProTip!
Advisories are also available from the
GraphQL API