Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,459 advisories

Loading
Denial of Service in i18n High
CVE-2020-7791 was published for i18n (NuGet) Dec 14, 2020
Denial of service attack via incorrect parameters in Matrix Synapse High
CVE-2020-26257 was published for matrix-synapse (pip) Dec 9, 2020
Exploitable inventory component chaining in PocketMine-MP High
GHSA-8jq6-w5cg-wm45 was published for pocketmine/pocketmine-mp (Composer) Nov 11, 2020
Muqsit CortexPE
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145) High
CVE-2018-17145 was published for bcoin (npm) Sep 10, 2020
Denial of Service in subtext High
GHSA-2mvq-xp48-4c77 was published for subtext (npm) Sep 3, 2020
Denial of Service in @commercial/subtext High
GHSA-fvwr-h9xh-m6wc was published for @commercial/subtext (npm) Sep 3, 2020
Denial of Service in @hapi/subtext High
GHSA-4rgj-8mq3-hggj was published for @hapi/subtext (npm) Sep 3, 2020
Denial of Service in markdown-it-toc-and-anchor High
GHSA-x6m6-5hrf-fh6r was published for markdown-it-toc-and-anchor (npm) Sep 1, 2020
mprpic
Denial of Service in uws High
CVE-2016-10544 was published for uws (npm) Sep 1, 2020
Regular Expression Denial of Service in ansi2html High
CVE-2015-9239 was published for ansi2html (npm) Sep 1, 2020
Denial of Service in yar High
CVE-2014-4179 was published for yar (npm) Sep 1, 2020
Regular Expression Denial of Service in validator High
CVE-2014-8882 was published for validator (npm) Aug 31, 2020
Regular expression denial of service in url-regex High
CVE-2020-7661 was published for url-regex (npm) Jun 22, 2020
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Denial of service in Apache Xerces2 High
CVE-2012-0881 was published for xerces:xercesImpl (Maven) Jun 15, 2020
Apache Tomcat Denial of Service vulnerability High
CVE-2019-0199 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 15, 2020
Regular Expression Denial of Service in websocket-extensions (NPM package) High
CVE-2020-7662 was published for websocket-extensions (npm) Jun 5, 2020
Regular Expression Denial of Service in websocket-extensions (RubyGem) High
CVE-2020-7663 was published for websocket-extensions (RubyGems) Jun 5, 2020
BSON rubygem contains potential denial of service High
CVE-2015-4411 was published for bson (RubyGems) Apr 29, 2020
Regular Expression Denial of Service in Acorn High
GHSA-6chw-6frg-f759 was published for acorn (npm) Apr 3, 2020
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
Regular Expression Denial of Service in csv-parse High
CVE-2019-17592 was published for csv-parse (npm) Oct 15, 2019
Uncontrolled Resource Consumption in MetadataExtractor High
CVE-2019-14262 was published for MetadataExtractor (NuGet) Aug 23, 2019
Django Denial-of-service in strip_tags() High
CVE-2019-14233 was published for Django (pip) Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for Django (pip) Aug 6, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database