Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,030 advisories

Loading
An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of... High Unreviewed
CVE-2025-55551 was published Sep 25, 2025
apidoc-core is vulnerable to prototype pollution High
CVE-2025-57317 was published for apidoc-core (npm) Sep 25, 2025
Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer Moderate
CVE-2025-6921 was published for transformers (pip) Sep 23, 2025
The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which... High Unreviewed
CVE-2025-57440 was published Sep 22, 2025
A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Impacted is an unknown... Moderate Unreviewed
CVE-2025-4444 was published Sep 18, 2025
CISA Thorium does not rate limit requests to send account verification email messages. A remote... Moderate Unreviewed
CVE-2025-35432 was published Sep 17, 2025
REXML has DoS condition when parsing malformed XML file Low
CVE-2025-58767 was published for rexml (RubyGems) Sep 17, 2025
sofiaaberegg
Credited to sofiaaberegg
The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability. High Unreviewed
CVE-2025-56264 was published Sep 16, 2025
A denial-of-service issue was addressed with improved validation. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43295 was published Sep 16, 2025
Liferay Portal: Missing Rate Limiting in GraphQL Endpoint Enables Resource Exhaustion Attack High
CVE-2025-43796 was published for com.liferay:com.liferay.portal.vulcan.api (Maven) Sep 12, 2025
Hono has Body Limit Middleware Bypass Moderate
CVE-2025-59139 was published for hono (npm) Sep 12, 2025
imenyoo2 mwlik
Credited to imenyoo2 and mwlik
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Integer overflow and invalid... High Unreviewed
CVE-2025-57614 was published Sep 10, 2025
A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software... High Unreviewed
CVE-2025-20340 was published Sep 10, 2025
Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated... Moderate Unreviewed
CVE-2025-49460 was published Sep 10, 2025
Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity High
CVE-2025-58451 was published for cattown (npm) Sep 9, 2025
cai0duque
Credited to cai0duque
An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2025-52322 was published Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40802 was published Sep 9, 2025
Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build.c, the... High Unreviewed
CVE-2025-52288 was published Sep 8, 2025
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due... High Unreviewed
CVE-2025-52494 was published Sep 8, 2025
FS2 half-shutdown of socket during TLS handshake may result in spin loop on opposite side Moderate
CVE-2025-58369 was published for co.fs2:fs2-io_0.26 (Maven) Sep 5, 2025
In multiple locations, there is a possible permanent denial of service due to resource exhaustion... Moderate Unreviewed
CVE-2025-26449 was published Sep 5, 2025
In allowPackageAccess of multiple files, resource exhaustion is possible when repeatedly adding... Moderate Unreviewed
CVE-2025-26463 was published Sep 5, 2025
In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an... Moderate Unreviewed
CVE-2024-40664 was published Sep 4, 2025
In multiple functions of AccountManagerService.java, there is a possible permanent denial of... Moderate Unreviewed
CVE-2025-48542 was published Sep 4, 2025
In validateIpConfiguration of WifiConfigurationUtil.java, there is a possible way to trigger a... Moderate Unreviewed
CVE-2025-26423 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database