Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

29 advisories

Loading
Pyopenssl Incorrect Memory Management High
CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018
Missing Release of Memory after Effective Lifetime in Apache Tika Moderate
CVE-2020-9489 was published for org.apache.tika:tika (Maven) May 7, 2021
tdunlap607
Missing release of memory in sized-chunks High
CVE-2020-25795 was published for sized-chunks (Rust) Aug 25, 2021
Missing release of memory in sized-chunks High
CVE-2020-25794 was published for sized-chunks (Rust) Aug 25, 2021
crossbeam-channel Undefined Behavior before v0.4.4 High
CVE-2020-15254 was published for crossbeam-channel (Rust) Aug 25, 2021
Missing Release of Memory after Effective Lifetime in detect-character-encoding High
CVE-2021-39176 was published for detect-character-encoding (npm) Sep 1, 2021
Memory leak in decoding PNG images Moderate
CVE-2022-23585 was published for tensorflow (pip) Feb 9, 2022
Memory leak in Tensorflow Moderate
CVE-2022-23578 was published for tensorflow (pip) Feb 10, 2022
Wildfly-OpenSSL memory leak flaw High
CVE-2020-25644 was published for org.wildfly.openssl:wildfly-openssl-natives-parent (Maven) May 24, 2022
Uncontrolled Resource Consumption in WildFly Moderate
CVE-2020-25689 was published for org.wildfly:wildfly-dist (Maven) May 24, 2022
Missing permission checks in Jenkins Chaos Monkey Plugin High
CVE-2020-2322 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault
Wildfly has a memory leak vulnerability Moderate
CVE-2020-27822 was published for org.wildfly:wildfly-parent (Maven) May 24, 2022
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
Undertow vulnerable to memory exhaustion due to buffer leak High
CVE-2021-3690 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
containerd CRI stream server vulnerable to host memory exhaustion via terminal Moderate
CVE-2022-23471 was published for github.com/containerd/containerd (Go) Dec 7, 2022
CometBFT PeerState JSON serialization deadlock Moderate
CVE-2023-34450 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
mmsqe sergio-mena
CometBFT may duplicate transactions in the mempool's data structures High
CVE-2023-34451 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
otrack
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
memory leak flaw was found in ruby-magick Moderate
CVE-2023-5349 was published for rmagick (RubyGems) Oct 30, 2023
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability High
CVE-2023-5954 was published for github.com/hashicorp/vault (Go) Nov 9, 2023
tokio-boring vulnerable to resource exhaustion via memory leak Moderate
CVE-2023-6180 was published for tokio-boring (Rust) Dec 5, 2023
ehaydenr
OpenFGA denial of service Moderate
CVE-2024-23820 was published for github.com/openfga/openfga (Go) Jan 26, 2024
fetch(url) leads to a memory leak in undici Moderate
CVE-2024-24750 was published for undici (npm) Feb 16, 2024
mcollina
Remote Denial of Service Vulnerability in Microsoft QUIC High
GHSA-2x7m-gf85-3745 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Mar 13, 2024
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
ProTip! Advisories are also available from the GraphQL API