Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,036 advisories

Loading
OpenShift Hive Has an Uncontrolled Resource Consumption Vulnerability Moderate
CVE-2024-25132 was published for github.com/openshift/hive (Go) Mar 19, 2025
jsPDF Bypass Regular Expression Denial of Service (ReDoS) High
CVE-2025-29907 was published for jspdf (npm) Mar 18, 2025
PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash High
GHSA-v432-7f47-9g94 was published for PostQuantum-Feldman-VSS (pip) Mar 17, 2025
DavidOsipov
Credited to DavidOsipov
A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS... High Unreviewed
CVE-2025-0114 was published Mar 12, 2025
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses High
CVE-2025-25293 was published for ruby-saml (RubyGems) Mar 12, 2025
p-
Credited to p-
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.... High Unreviewed
CVE-2024-54546 was published Mar 10, 2025
The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15... Moderate Unreviewed
CVE-2024-44192 was published Mar 10, 2025
The issue was addressed with improved memory handling. This issue is fixed in iOS 18 and iPadOS... High Unreviewed
CVE-2024-44227 was published Mar 10, 2025
Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing... High Unreviewed
CVE-2024-53458 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... High Unreviewed
CVE-2025-27669 was published Mar 5, 2025
CGI has Denial of Service (DoS) potential in Cookie.parse Moderate
CVE-2025-27219 was published for cgi (RubyGems) Mar 3, 2025
Goroutine Leak in Abacus SSE Implementation High
CVE-2025-27421 was published for github.com/jasonlovesdoggo/abacus (Go) Mar 3, 2025
JasonLovesDoggo
Credited to JasonLovesDoggo
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong... Moderate Unreviewed
CVE-2025-26466 was published Mar 1, 2025
An issue was discovered in O-RAN Near Realtime RIC I-Release. To exploit this vulnerability, an... Moderate Unreviewed
CVE-2024-34036 was published Feb 25, 2025
An issue was discovered in O-RAN Near Realtime RIC H-Release. To trigger the crashing of the... Moderate Unreviewed
CVE-2024-34035 was published Feb 25, 2025
DoS in go-jose Parsing Moderate
CVE-2025-27144 was published for github.com/go-jose/go-jose (Go) Feb 24, 2025
lakeFS allows an authenticated user to cause a crash by exhausting server memory Moderate
CVE-2025-27100 was published for github.com/treeverse/lakefs (Go) Feb 21, 2025
arielshaqed ItamarYuran
Credited to arielshaqed and ItamarYuran
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers... High Unreviewed
CVE-2023-51314 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Bus Reservation System v1... High Unreviewed
CVE-2023-51316 was published Feb 20, 2025
A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking... High Unreviewed
CVE-2023-51301 was published Feb 19, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Event... High Unreviewed
CVE-2023-51293 was published Feb 19, 2025
An issue in Docker-proxy v18.09.0 allows attackers to cause a denial of service. Moderate Unreviewed
CVE-2024-57782 was published Feb 14, 2025
Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB.... High Unreviewed
CVE-2023-34397 was published Feb 14, 2025
Node Denial of Service via kubelet Checkpoint API Moderate
CVE-2025-0426 was published for k8s.io/kubernetes (Go) Feb 13, 2025
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a... High Unreviewed
CVE-2024-56940 was published Feb 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database