Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

625 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-3111 was published May 22, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows... Moderate Unreviewed
CVE-2025-29954 was published May 13, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-29957 was published May 13, 2025
ring has some AES functions that may panic when overflow checking is enabled in Moderate
CVE-2025-4432 was published for ring (Rust) May 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to... Moderate Unreviewed
CVE-2024-8973 was published May 9, 2025
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix... Moderate Unreviewed
CVE-2025-37805 was published May 8, 2025
Django has a denial-of-service possibility in strip_tags() Moderate
CVE-2025-32873 was published for Django (pip) May 8, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-0915 was published May 5, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-1000 was published May 5, 2025
A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged)... Moderate Unreviewed
CVE-2025-24341 was published Apr 30, 2025
net-imap rubygem vulnerable to possible DoS by memory exhaustion Moderate
CVE-2025-43857 was published for net-imap (RubyGems) Apr 28, 2025
Masamuneee nevans
Credited to Masamuneee and nevans
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a... Moderate Unreviewed
CVE-2025-46687 was published Apr 27, 2025
GraphQL Armor Cost-Limit Plugin Bypass via Introspection Query Obfuscation Moderate
GHSA-733v-p3h5-qpq7 was published for @escape.tech/graphql-armor-cost-limit (npm) Apr 25, 2025
M0ngi EvertEt
Credited to M0ngi and EvertEt
Denial of service due to allocation of resources without limits. The following products are... Moderate Unreviewed
CVE-2025-30409 was published Apr 24, 2025
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE... Moderate Unreviewed
CVE-2025-0639 was published Apr 24, 2025
Mattermost Playbooks fails to validate the uniqueness and quantity of task actions Moderate
CVE-2025-35965 was published for github.com/mattermost/mattermost-plugin-playbooks (Go) Apr 24, 2025
Cuba has a DoS in the File Storage Moderate
CVE-2025-32959 was published for com.haulmont.cuba:cuba-core (Maven) Apr 22, 2025
io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage Moderate
CVE-2025-32952 was published for io.jmix.localfs:jmix-localfs (Maven) Apr 22, 2025
AnonySE26
Credited to AnonySE26
Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy... Moderate Unreviewed
CVE-2025-3734 was published Apr 16, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30688 was published Apr 15, 2025
vLLM vulnerable to Denial of Service by abusing xgrammar cache Moderate
GHSA-hf3c-wxg2-49q9 was published for vllm (pip) Apr 15, 2025
russellb
Credited to russellb
IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial... Moderate Unreviewed
CVE-2024-51461 was published Apr 11, 2025
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables... Moderate Unreviewed
CVE-2025-0122 was published Apr 11, 2025
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all up to 17.8.7,... Moderate Unreviewed
CVE-2025-1677 was published Apr 10, 2025
Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination Moderate
CVE-2025-32386 was published for helm.sh/helm/v3 (Go) Apr 10, 2025
jake-ciolek
Credited to jake-ciolek
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database