GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,316 advisories

Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots,...
Moderate | Unreviewed | CVE-2025-48467 was published Jun 26, 2025

Successful exploitation of the vulnerability could allow an attacker to consume all available...
Moderate | Unreviewed | CVE-2025-48462 was published Jun 26, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18...
Moderate | Unreviewed | CVE-2025-3279 was published Jun 26, 2025

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to...
High | Unreviewed | CVE-2025-3221 was published Jun 23, 2025

An allocation of resources without limits or throttling vulnerability has been reported to affect...
High | Unreviewed | CVE-2025-29872 was published Jun 6, 2025

Spring Framework vulnerable to Denial of Service
Moderate | CVE-2024-38808 was published for org.springframework:spring-expression (Maven) | Aug 20, 2024

Withdrawn Advisory: microlight allows a denial of service
Low | CVE-2025-45526 was published for microlight (npm) | Jun 17, 2025 • withdrawn

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message,...
High | Unreviewed | CVE-2025-32049 was published Apr 3, 2025

Salt's worker process vulnerable to denial of service through file read operation
Moderate | CVE-2025-22242 was published for salt (pip) | Jun 13, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17...
Moderate | Unreviewed | CVE-2025-5996 was published Jun 12, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17...
Moderate | Unreviewed | CVE-2025-1516 was published Jun 12, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17...
Moderate | Unreviewed | CVE-2025-1478 was published Jun 12, 2025

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers...
Critical | Unreviewed | CVE-2021-42142 was published Jan 24, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and...
High | Unreviewed | CVE-2025-25032 was published Jun 11, 2025

Drupal Admin Audit Trail Allocation of Resources Without Limits or Throttling vulnerability
High | CVE-2025-48448 was published for drupal/admin_audit_trail (Composer) | Jun 11, 2025

Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
High | CVE-2025-49140 was published for github.com/pion/interceptor (Go) | Jun 9, 2025

CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
High | CVE-2025-47950 was published for github.com/coredns/coredns (Go) | Jun 6, 2025

basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value...
Moderate | Unreviewed | CVE-2021-33910 was published May 24, 2022

An allocation of resources without limits or throttling vulnerability has been reported to affect...
High | Unreviewed | CVE-2025-22484 was published Jun 6, 2025

Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful...
Moderate | Unreviewed | CVE-2024-58114 was published Jun 6, 2025

ReDoS Vulnerability in Rack::Multipart handle_mime_head
Moderate | CVE-2025-49007 was published for rack (RubyGems) | Jun 5, 2025

An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131...
High | Unreviewed | CVE-2018-25112 was published Jun 4, 2025

In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation...
Moderate | Unreviewed | CVE-2024-22164 was published Jan 9, 2024

An Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to...
High | Unreviewed | CVE-2025-46807 was published Jun 2, 2025

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1...
Moderate | Unreviewed | CVE-2025-3050 was published May 29, 2025

ProTip! Advisories are also available from the GraphQL API.