Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,056
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,311 advisories

Loading
Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS) High
CVE-2025-49140 was published for github.com/pion/interceptor (Go) Jun 9, 2025
JoeTurki kmansoft
3DRX
Credited to JoeTurki, kmansoft, and 3DRX
CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification High
CVE-2025-47950 was published for github.com/coredns/coredns (Go) Jun 6, 2025
thevilledev dfunkt
Credited to thevilledev and dfunkt
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-22484 was published Jun 6, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-29872 was published Jun 6, 2025
Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful... Moderate Unreviewed
CVE-2024-58114 was published Jun 6, 2025
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash... Moderate Unreviewed
CVE-2025-5683 was published Jun 5, 2025
ReDoS Vulnerability in Rack::Multipart handle_mime_head Moderate
CVE-2025-49007 was published for rack (RubyGems) Jun 5, 2025
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131... High Unreviewed
CVE-2018-25112 was published Jun 4, 2025
A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to... High Unreviewed
CVE-2025-46807 was published Jun 2, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-3050 was published May 29, 2025
An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11,... Moderate Unreviewed
CVE-2025-48738 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 17.10.7, 17... Moderate Unreviewed
CVE-2024-7803 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... High Unreviewed
CVE-2025-0993 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-2853 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-3111 was published May 22, 2025
Allocation of Resources Without Limits or Throttling vulnerability in Drupal Events Log Track... High Unreviewed
CVE-2025-4416 was published May 21, 2025
Tornado vulnerable to excessive logging caused by malformed multipart form data High
CVE-2025-47287 was published for tornado (pip) May 16, 2025
Startr4ck awsactran
Credited to Startr4ck and awsactran
Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt High
GHSA-869w-47c6-fq8q was published for github.com/babylonlabs-io/babylon (Go) May 15, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows... Moderate Unreviewed
CVE-2025-29954 was published May 13, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-29957 was published May 13, 2025
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized... High Unreviewed
CVE-2025-26677 was published May 13, 2025
IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial... High Unreviewed
CVE-2025-3632 was published May 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to... Moderate Unreviewed
CVE-2024-8973 was published May 9, 2025
ring has some AES functions that may panic when overflow checking is enabled in Moderate
CVE-2025-4432 was published for ring (Rust) May 9, 2025
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix... Moderate Unreviewed
CVE-2025-37805 was published May 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database