Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,027 advisories

Loading
Malicious or unintentional API requests can be used to add significant amount of data to caches.... High Unreviewed
CVE-2025-30188 was published Oct 31, 2025
LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded... Moderate Unreviewed
CVE-2025-8849 was published Oct 31, 2025
Scrapy versions up to 2.13.2 are vulnerable to a denial of service (DoS) attack due to a flaw in... High Unreviewed
CVE-2025-6176 was published Oct 31, 2025
gnark-crypto allows unchecked memory allocation during vector deserialization High
GHSA-fj2x-735w-74vq was published for github.com/consensys/gnark-crypto (Go) Oct 30, 2025
raefko
Credited to raefko
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability... Moderate Unreviewed
CVE-2025-5342 was published Oct 30, 2025
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This... High Unreviewed
CVE-2025-10932 was published Oct 29, 2025
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` High
CVE-2025-62727 was published for starlette (pip) Oct 28, 2025
ch4n3-yoon
Credited to ch4n3-yoon
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). High Unreviewed
CVE-2025-54605 was published Oct 28, 2025
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). High Unreviewed
CVE-2025-54604 was published Oct 28, 2025
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local... Moderate Unreviewed
CVE-2025-61155 was published Oct 28, 2025
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via... High Unreviewed
CVE-2025-60349 was published Oct 28, 2025
Liferay Portal Vulnerable to DoS via Crafted Headless API Request High
CVE-2025-62260 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
Keycloak TLS Client-Initiated Renegotiation Denial of Service High
CVE-2025-11419 was published for org.keycloak:keycloak-quarkus-dist (Maven) Oct 27, 2025
Bouncy Castle Vulnerable to Uncontrolled Resource Consumption Moderate
CVE-2025-12194 was published for org.bouncycastle:bc-fips (Maven) Oct 25, 2025
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348)... Moderate Unreviewed
CVE-2025-60419 was published Oct 24, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2025-62475 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62476 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62477 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62478 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-53053 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-53054 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-53067 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-53062 was published Oct 21, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The... Moderate Unreviewed
CVE-2025-53068 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-53040 was published Oct 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database