Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,311 advisories

Loading
Possible DoS by memory exhaustion in net-imap Moderate
CVE-2025-25186 was published for net-imap (RubyGems) Feb 10, 2025
manunio nevans
Credited to manunio and nevans
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit... Moderate Unreviewed
CVE-2025-21690 was published Feb 10, 2025
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS... Moderate Unreviewed
CVE-2024-54658 was published Feb 10, 2025
A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6... Moderate Unreviewed
CVE-2024-12379 was published Feb 12, 2025
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a... High Unreviewed
CVE-2024-56940 was published Feb 13, 2025
CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could... High Unreviewed
CVE-2025-1059 was published Feb 13, 2025
Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB.... High Unreviewed
CVE-2023-34397 was published Feb 14, 2025
Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections. High Unreviewed
CVE-2025-26819 was published Feb 15, 2025
Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a... Moderate Unreviewed
CVE-2024-49589 was published Feb 18, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0... Moderate Unreviewed
CVE-2023-51297 was published Feb 19, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3... Moderate Unreviewed
CVE-2023-51309 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park... Moderate Unreviewed
CVE-2023-51310 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0... Moderate Unreviewed
CVE-2023-51334 was published Feb 20, 2025
An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C4EM-125: OMF_C4E 101.05... High Unreviewed
CVE-2024-46933 was published Feb 20, 2025
Namada-apps can Crash with Excessive Computation in Mempool Validation Critical
GHSA-82vg-5v4f-f9wq was published for namada-apps (Rust) Feb 20, 2025
feliam
Credited to feliam
Namada-apps allows Excessive Computation in Mempool Validation Critical
GHSA-f8qm-hmm3-fv7f was published for namada-apps (Rust) Feb 20, 2025
feliam
Credited to feliam
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1... Moderate Unreviewed
CVE-2023-51339 was published Feb 20, 2025
DoS in go-jose Parsing Moderate
CVE-2025-27144 was published for github.com/go-jose/go-jose (Go) Feb 24, 2025
Application does not limit the number or frequency of user interactions, such as the number of... Critical Unreviewed
CVE-2025-22273 was published Feb 28, 2025
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong... Moderate Unreviewed
CVE-2025-26466 was published Mar 1, 2025
CGI has Denial of Service (DoS) potential in Cookie.parse Moderate
CVE-2025-27219 was published for cgi (RubyGems) Mar 3, 2025
OpenTelemetry .NET has Denial of Service (DoS) Vulnerability in API Package Moderate
CVE-2025-27513 was published for OpenTelemetry.Api (NuGet) Mar 5, 2025
Django vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2025-26699 was published for Django (pip) Mar 6, 2025
A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic... Moderate Unreviewed
CVE-2024-57972 was published Mar 6, 2025
DoS Vulnerability in TraceContextPropagator.Extract - OpenTelemetry.Api High
GHSA-vc29-vg52-6643 was published for OpenTelemetry.AutoInstrumentation (NuGet) Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database