GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
2,383 advisories
Denial of service attack via incorrect parameters in Matrix Synapse
  High | CVE-2020-26257 was published for matrix-synapse (pip) | Dec 9, 2020
Denial of service in fast-csv
  Low | CVE-2020-26256 was published for @fast-csv/parse (npm) | Dec 8, 2020
ReDOS vulnerabilities: multiple grammars
  Moderate | GHSA-7wwv-vh3v-89cq was published for @highlightjs/cdn-assets (npm) | Dec 4, 2020
Exploitable inventory component chaining in PocketMine-MP
  High | GHSA-8jq6-w5cg-wm45 was published for pocketmine/pocketmine-mp (Composer) | Nov 11, 2020
Denial of Service via Cache Flooding
  Low | GHSA-p68v-frgx-4rjp was published for shopware/core (Composer) | Oct 19, 2020
Memory exhaustion in http4s-async-http-client with large or malicious compressed responses
  Low | GHSA-8hxh-r6f7-jf45 was published for org.http4s:http4s-async-http-client_2.12 (Maven) | Oct 16, 2020
Denial of Service in node-sass
  Moderate | GHSA-9v62-24cr-58cx was published for node-sass (npm) | Sep 11, 2020
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
  High | CVE-2018-17145 was published for bcoin (npm) | Sep 10, 2020
Regular Expression Denial of Service in markdown
  Low | GHSA-wx77-rp39-c6vg was published for markdown (npm) | Sep 4, 2020
Denial of Service in handlebars
  Moderate | GHSA-f52g-6jhx-586p was published for handlebars (npm) | Sep 3, 2020
Denial of Service in apostrophe
  Low | GHSA-pv6r-vchh-cxg9 was published for apostrophe (npm) | Sep 3, 2020
Denial of Service in @commercial/subtext
  High | GHSA-fvwr-h9xh-m6wc was published for @commercial/subtext (npm) | Sep 3, 2020
Denial of Service in @hapi/subtext
  High | GHSA-4rgj-8mq3-hggj was published for @hapi/subtext (npm) | Sep 3, 2020
Regular Expression Denial of Service in simple-markdown
  Moderate | GHSA-4xf9-pgvv-xx67 was published for simple-markdown (npm) | Sep 3, 2020
Denial of Service in ipfs-bitswap
  Moderate | GHSA-6fcr-9h9g-23fq was published for ipfs-bitswap (npm) | Sep 2, 2020
Denial of Service in markdown-it-toc-and-anchor
  High | GHSA-x6m6-5hrf-fh6r was published for markdown-it-toc-and-anchor (npm) | Sep 1, 2020
Regular Expression Denial of Service in ansi2html
  High | CVE-2015-9239 was published for ansi2html (npm) | Sep 1, 2020
Regular Expression Denial of Service in bleach
  Moderate | CVE-2014-8881 was published for bleach (npm) | Sep 1, 2020
Regular Expression Denial of Service in validator
  High | CVE-2014-8882 was published for validator (npm) | Aug 31, 2020
ProTip! Advisories are also available from the GraphQL API