GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,529 advisories
                    
By sending a specially crafted push message, a remote server could have hung the parent process,...
High | Unreviewed | CVE-2024-10466 was published Oct 29, 2024
                    
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard...
High | Unreviewed | CVE-2024-7592 was published Aug 19, 2024
                    
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is...
High | Unreviewed | CVE-2023-50868 was published Feb 14, 2024
                    
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High | Unreviewed | CVE-2023-30999 was published Feb 3, 2024
                    
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service...
High | Unreviewed | CVE-2023-1992 was published Apr 12, 2023
                    
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one...
High | Unreviewed | CVE-2022-45061 was published Nov 9, 2022
                    
The issue was addressed with improved UI. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and...
High | Unreviewed | CVE-2025-31210 was published May 13, 2025
                    
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses
High | CVE-2025-25293 was published for ruby-saml (RubyGems) Mar 12, 2025
                    
Apache Tomcat - Denial of Service
High | CVE-2024-34750 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 3, 2024
                    
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service ...
High | Unreviewed | CVE-2024-33655 was published Jun 6, 2024
                    
Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace...
High | Unreviewed | CVE-2017-14180 was published May 14, 2022
                    
Authlib is vulnerable to Denial of Service via Oversized JOSE Segments
High | CVE-2025-61920 was published for authlib (pip) Oct 10, 2025
                    
In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated...
High | Unreviewed | CVE-2025-38501 was published Aug 16, 2025
                    
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a...
High | Unreviewed | CVE-2025-63561 was published Oct 31, 2025
                    
Brotli is vulnerable to a denial of service (DoS) attack due to decompression
High | CVE-2025-6176 was published for brotli (pip) Oct 31, 2025
                    
Malicious or unintentional API requests can be used to add significant amount of data to caches....
High | Unreviewed | CVE-2025-30188 was published Oct 31, 2025
                    
gnark-crypto allows unchecked memory allocation during vector deserialization
High | GHSA-fj2x-735w-74vq was published for github.com/consensys/gnark-crypto (Go) Oct 30, 2025
                    
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2).
High | Unreviewed | CVE-2025-54605 was published Oct 28, 2025
                    
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module). This...
High | Unreviewed | CVE-2025-10932 was published Oct 29, 2025
                    
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2).
High | Unreviewed | CVE-2025-54604 was published Oct 28, 2025
                    
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via...
High | Unreviewed | CVE-2025-60349 was published Oct 28, 2025
                    
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``
High | CVE-2025-62727 was published for starlette (pip) Oct 28, 2025
                    
Liferay Portal Vulnerable to DoS via Crafted Headless API Request
High | CVE-2025-62260 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
                    
An issue in SunOS Omnios v5.11 allows attackers to cause a Denial of Service (DoS) via repeatedly...
High | Unreviewed | CVE-2024-57412 was published Sep 29, 2025
                    
Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP...
High | Unreviewed | CVE-2025-56233 was published Sep 29, 2025
        
ProTip! Advisories are also available from the GraphQL API