GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
High
CVE-2024-47072
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Nov 7, 2024
CWA-2024-005: Stackoverflow in wasmd
High
GHSA-g8w7-7vgg-x7xg
was published
for
github.com/CosmWasm/wasmd
(Go)
Aug 21, 2024
whoami stack buffer overflow on several Unix platforms
High
GHSA-w5w5-8vfh-xcjq
was published
for
whoami
(Rust)
Apr 5, 2024
Elasticsearch vulnerable to stack overflow in the search API
Moderate
CVE-2023-31419
was published
for
org.elasticsearch:elasticsearch
(Maven)
Oct 26, 2023
Jettison parser crash by stackoverflow
Moderate
GHSA-xqcq-j8w9-3pxv
was published
for
com.tencyle.fixes:org.codehaus.jettison--jettison
(Maven)
Aug 1, 2023
Vapor vulnerable to denial of service in URLEncodedFormDecoder
High
CVE-2022-31019
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
High
CVE-2022-40151
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 30, 2022
XStream can cause Denial of Service via stack overflow
High
CVE-2022-41966
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 29, 2022
Snakeyaml vulnerable to Stack overflow leading to denial of service
Moderate
CVE-2022-41854
was published
for
org.yaml:snakeyaml
(Maven)
Nov 11, 2022
Jettison parser crash by stackoverflow
Moderate
CVE-2022-40149
was published
for
org.codehaus.jettison:jettison
(Maven)
Sep 17, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38749
was published
for
be.cylab:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38750
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38752
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38751
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack
Moderate
CVE-2020-5234
was published
for
MessagePack
(NuGet)
Jan 31, 2020
ProTip!
Advisories are also available from the
GraphQL API