GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Apache CXF allows unrestricted memory consumption in CXF HTTP clients
Moderate
CVE-2024-41172
was published
for
org.apache.cxf:cxf-rt-transports-http
(Maven)
Jul 19, 2024
Undertow Missing Release of Memory after Effective Lifetime vulnerability
Moderate
CVE-2024-3653
was published
for
io.undertow:undertow-core
(Maven)
Jul 9, 2024
ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows
Moderate
CVE-2024-4435
was published
for
ic-stable-structures
(Rust)
May 21, 2024
fetch(url) leads to a memory leak in undici
Moderate
CVE-2024-24750
was published
for
undici
(npm)
Feb 16, 2024
OpenFGA denial of service
Moderate
CVE-2024-23820
was published
for
github.com/openfga/openfga
(Go)
Jan 26, 2024
tokio-boring vulnerable to resource exhaustion via memory leak
Moderate
CVE-2023-6180
was published
for
tokio-boring
(Rust)
Dec 5, 2023
memory leak flaw was found in ruby-magick
Moderate
CVE-2023-5349
was published
for
rmagick
(RubyGems)
Oct 30, 2023
CometBFT PeerState JSON serialization deadlock
Moderate
CVE-2023-34450
was published
for
github.com/cometbft/cometbft
(Go)
Jul 5, 2023
containerd CRI stream server vulnerable to host memory exhaustion via terminal
Moderate
CVE-2022-23471
was published
for
github.com/containerd/containerd
(Go)
Dec 7, 2022
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340
was published
for
nfstream
(pip)
May 24, 2022
Wildfly has a memory leak vulnerability
Moderate
CVE-2020-27822
was published
for
org.wildfly:wildfly-parent
(Maven)
May 24, 2022
Uncontrolled Resource Consumption in WildFly
Moderate
CVE-2020-25689
was published
for
org.wildfly:wildfly-dist
(Maven)
May 24, 2022
Memory leak in decoding PNG images
Moderate
CVE-2022-23585
was published
for
tensorflow
(pip)
Feb 9, 2022
Missing Release of Memory after Effective Lifetime in Apache Tika
Moderate
CVE-2020-9489
was published
for
org.apache.tika:tika
(Maven)
May 7, 2021
ProTip!
Advisories are also available from the
GraphQL API