Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,036 advisories

Loading
Apache Wicket: An attacker can intentionally trigger a memory leak Moderate
CVE-2024-53299 was published for org.apache.wicket:wicket-core (Maven) Jan 23, 2025
raboof
Credited to raboof
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-57724 was published Jan 23, 2025
Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a... High Unreviewed
CVE-2023-37014 was published Jan 22, 2025
Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `UE Context Release Request`... High Unreviewed
CVE-2023-37022 was published Jan 22, 2025
In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error... Moderate Unreviewed
CVE-2024-43763 was published Jan 22, 2025
A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1... High Unreviewed
CVE-2024-24424 was published Jan 22, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2025-21545 was published Jan 21, 2025
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ... Critical Unreviewed
CVE-2025-21547 was published Jan 21, 2025
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). ... Moderate Unreviewed
CVE-2025-21548 was published Jan 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2025-21549 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema)... Moderate Unreviewed
CVE-2025-21529 was published Jan 21, 2025
Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop Moderate
CVE-2024-10846 was published for github.com/compose-spec/compose-go/v2 (Go) Jan 21, 2025
ahollmann idsulik
thaJeztah glours gbrindisi
Credited to ahollmann, idsulik, thaJeztah, glours, and gbrindisi
Apache CXF: Denial of Service vulnerability with temporary files High
CVE-2025-23184 was published for org.apache.cxf:cxf-core (Maven) Jan 21, 2025
In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible way to crash the... Moderate Unreviewed
CVE-2018-9447 was published Jan 18, 2025
An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a... High Unreviewed
CVE-2024-50953 was published Jan 15, 2025
Flatnotes <v5.3.1 is vulnerable to denial of service through the upload image function. High Unreviewed
CVE-2024-54730 was published Jan 15, 2025
Windows upnphost.dll Denial of Service Vulnerability High Unreviewed
CVE-2025-21389 was published Jan 14, 2025
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2025-21330 was published Jan 14, 2025
Windows upnphost.dll Denial of Service Vulnerability High Unreviewed
CVE-2025-21300 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21289 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21290 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21251 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21270 was published Jan 14, 2025
IP Helper Denial of Service Vulnerability High Unreviewed
CVE-2025-21231 was published Jan 14, 2025
Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability High Unreviewed
CVE-2025-21207 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database