Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

80 advisories

Loading
Missing rate limit on rdiffweb Moderate
CVE-2022-3456 was published for rdiffweb (pip) Oct 14, 2022
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks High
CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb allows unlimited length of root directory name, which could result in DoS High
CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb vulnerable to potential DoS via memory consumption High
CVE-2022-3298 was published for rdiffweb (pip) Sep 27, 2022
Uncontrolled Resource Consumption in asyncua and opcua High
CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
GoetzGoerisch tdunlap607
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning Critical
CVE-2019-15753 was published for os-vif (pip) May 24, 2022
OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image Moderate
CVE-2013-2096 was published for nova (pip) May 17, 2022
OpenStack Nova VMWare driver leaks rescued images High
CVE-2014-2573 was published for nova (pip) May 17, 2022
Plone is vulnerable to denial of service High
CVE-2012-5499 was published for Plone (pip) May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
OpenStack Glance Denial of service by creating a large number of images High
CVE-2014-9684 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images High
CVE-2015-1881 was published for glance (pip) May 17, 2022
priority vulnerable to denial of service Moderate
CVE-2016-6580 was published for priority (pip) May 17, 2022
OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function High
CVE-2013-1838 was published for nova (pip) May 17, 2022
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
MarkLee131
pyftpdlib vulnerable to allocation of resources without limits High
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database