GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
740 advisories
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability
High | CVE-2023-5289 was published for rdiffweb (pip) Sep 29, 2023

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series...
High | Unreviewed | CVE-2023-20033 was published Sep 27, 2023

snappy-java's missing upper bound check on chunk length can lead to Denial of Service (DoS) impact
High | CVE-2023-43642 was published for org.xerial.snappy:snappy-java (Maven) Sep 25, 2023

plone.rest vulnerable to Denial of Service when ++api++ is used many times
High | CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port...
Critical | Unreviewed | CVE-2023-43632 was published Sep 21, 2023

Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High | CVE-2023-37279 was published for github.com/contribsys/faktory (Go) Sep 20, 2023

** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in the RCPbind service running on UDP port (111),...
High | Unreviewed | CVE-2022-47562 was published Sep 20, 2023

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed...
High | Unreviewed | CVE-2023-38039 was published Sep 15, 2023

Strapi Improper Rate Limiting vulnerability
High | CVE-2023-38507 was published for @strapi/admin (npm) Sep 13, 2023

RKE2 supervisor port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
High | CVE-2023-32186 was published for github.com/rancher/rke2 (Go) Sep 11, 2023

K3s apiserver port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
High | CVE-2023-32187 was published for github.com/k3s-io/k3s (Go) Sep 11, 2023

When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in...
Moderate | Unreviewed | CVE-2023-4578 was published Sep 11, 2023

QUIC connections do not set an upper bound on the amount of data buffered when reading post...
High | Unreviewed | CVE-2023-39322 was published Sep 8, 2023

An improper resource allocation vulnerability exists in the OAS Engine configuration management...
Moderate | Unreviewed | CVE-2023-34994 was published Sep 5, 2023

An adversary could crash the entire device by sending a large quantity of ICMP requests if the...
High | Unreviewed | CVE-2023-40709 was published Aug 24, 2023

An adversary could cause a continuous restart loop to the entire device by sending a large...
High | Unreviewed | CVE-2023-40710 was published Aug 24, 2023

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability...
Moderate | Unreviewed | CVE-2022-48064 was published Aug 22, 2023

FaucetSDN Ryu Denial of Service Vulnerability
High | CVE-2020-35139 was published for ryu (pip) Aug 11, 2023

FaucetSDN Ryu Denial of Service Vulnerability
High | CVE-2020-35141 was published for ryu (pip) Aug 11, 2023

SUCHMOKUO node-worker-threads-pool denial of service Vulnerability
Moderate | CVE-2021-29057 was published for node-worker-threads-pool (npm) Aug 11, 2023

libp2p nodes vulnerable to attack using large RSA keys
High | CVE-2023-39533 was published for github.com/libp2p/go-libp2p (Go) Aug 9, 2023

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,...
High | Unreviewed | CVE-2023-39269 was published Aug 8, 2023

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35...
Moderate | Unreviewed | CVE-2023-38532 was published Aug 8, 2023

RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling
Moderate | CVE-2023-4138 was published for rdiffweb (pip) Aug 3, 2023

ProTip! Advisories are also available from the GraphQL API.