GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,040 advisories
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of...
Moderate | Unreviewed | CVE-2025-8449 was published Aug 20, 2025
'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability...
High | Unreviewed | CVE-2025-9182 was published Aug 19, 2025
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in...
Moderate | Unreviewed | CVE-2025-55028 was published Aug 19, 2025
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in...
High | Unreviewed | CVE-2025-55029 was published Aug 19, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url...
High | Unreviewed | CVE-2025-55586 was published Aug 18, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip...
High | Unreviewed | CVE-2025-55588 was published Aug 18, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname...
High | Unreviewed | CVE-2025-55587 was published Aug 18, 2025
Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability
Low | CVE-2025-9092 was published for org.bouncycastle:bc-fips (Maven) Aug 16, 2025
In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated...
High | Unreviewed | CVE-2025-38501 was published Aug 16, 2025
PyPDF's Manipulated FlateDecode streams can exhaust RAM
Moderate | CVE-2025-55197 was published for pypdf (pip) Aug 13, 2025
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the...
High | Unreviewed | CVE-2025-50615 was published Aug 13, 2025
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized...
High | Unreviewed | CVE-2025-53722 was published Aug 12, 2025
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series...
Moderate | Unreviewed | CVE-2025-26697 was published Aug 12, 2025
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series...
Moderate | Unreviewed | CVE-2025-26863 was published Aug 12, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for...
Low | Unreviewed | CVE-2025-27576 was published Aug 12, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for...
Moderate | Unreviewed | CVE-2025-26472 was published Aug 12, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for...
Moderate | Unreviewed | CVE-2025-27250 was published Aug 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate | Unreviewed | CVE-2025-40766 was published Aug 12, 2025
Oak Server has ReDoS in x-forwarded-proto and x-forwarded-for headers
Moderate | CVE-2025-55152 was published for @oakserver/oak (npm) Aug 12, 2025
A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0...
Moderate | Unreviewed | CVE-2025-8537 was published Aug 5, 2025
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service...
High | Unreviewed | CVE-2025-46206 was published Aug 4, 2025
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an...
High | Unreviewed | CVE-2025-50420 was published Aug 4, 2025
MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion
Moderate | CVE-2025-53012 was published for MaterialX (pip) Jul 31, 2025
SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks
Moderate | CVE-2025-54575 was published for SixLabors.ImageSharp (NuGet) Jul 30, 2025
Ruby SAML DOS vulnerability with large SAML response
Moderate | CVE-2025-54572 was published for ruby-saml (RubyGems) Jul 30, 2025
ProTip! Advisories are also available from the GraphQL API.