Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,315 advisories

Loading
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed... High Unreviewed
CVE-2025-55670 was published Oct 15, 2025
When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane,... High Unreviewed
CVE-2025-59778 was published Oct 15, 2025
When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF... Moderate Unreviewed
CVE-2025-58474 was published Oct 15, 2025
When a BIG-IP APM Access Policy is configured on a virtual server, undisclosed traffic can cause... High Unreviewed
CVE-2025-53521 was published Oct 15, 2025
When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management... High Unreviewed
CVE-2025-41430 was published Oct 15, 2025
When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed... High Unreviewed
CVE-2025-46706 was published Oct 15, 2025
A denial-of-service security issue exists in the affected product and version. The security issue... High Unreviewed
CVE-2025-9177 was published Oct 14, 2025
An unauthanticated remote attacker can perform a DoS of the Modbus service by sending a specific... Moderate Unreviewed
CVE-2025-41704 was published Oct 14, 2025
Authlib : JWE zip=DEF decompression bomb enables DoS Moderate
CVE-2025-62706 was published for authlib (pip) Oct 10, 2025
AL-Cybision
Credited to AL-Cybision
Authlib is vulnerable to Denial of Service via Oversized JOSE Segments High
CVE-2025-61920 was published for authlib (pip) Oct 10, 2025
AL-Cybision
Credited to AL-Cybision
IBM Aspera Faspex 5.0.0 through 5.0.13.1 could allow a privileged user to cause a denial of... Moderate Unreviewed
CVE-2025-36171 was published Oct 9, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3... High Unreviewed
CVE-2025-10004 was published Oct 9, 2025
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8,... Moderate Unreviewed
CVE-2025-2934 was published Oct 9, 2025
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server Moderate
CVE-2025-61620 was published for vllm (pip) Oct 7, 2025
key-moon Ga-ryo
ota42y Alnusjaponica Isotr0py DarkLight1337
Credited to key-moon, Ga-ryo, ota42y, Alnusjaponica, Isotr0py, and DarkLight1337
pdfmake is vulnerable to Throttling via repeatedly redirecting URL in file embedding High
CVE-2025-11362 was published for pdfmake (npm) Oct 7, 2025
jeran-urban
Credited to jeran-urban
A user with the appropriate authorization can create any number of user accounts via an API ... Low Unreviewed
CVE-2025-58578 was published Oct 6, 2025
If a user tries to login but the provided credentials are incorrect a log is created. The data... Moderate Unreviewed
CVE-2025-58582 was published Oct 6, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-44012 was published Oct 3, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-33039 was published Oct 3, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-33040 was published Oct 3, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-44007 was published Oct 3, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-44006 was published Oct 3, 2025
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform... Moderate Unreviewed
CVE-2025-20370 was published Oct 1, 2025
github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks High
CVE-2025-61595 was published for github.com/MANTRA-Chain/mantrachain (Go) Sep 30, 2025
Hellobloc
Credited to Hellobloc
Finance.js vulnerable to DoS via the seekZero() parameter High
CVE-2025-56572 was published for financejs (npm) Sep 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database