Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,620
Maven
5,000+
npm
4,255
NuGet
760
pip
4,043
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,035 advisories

Loading
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling... High Unreviewed
CVE-2025-49494 was published Nov 4, 2025
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS... High Unreviewed
CVE-2025-43462 was published Nov 4, 2025
The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS... High Unreviewed
CVE-2025-43424 was published Nov 4, 2025
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... High Unreviewed
CVE-2025-43385 was published Nov 4, 2025
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a... High Unreviewed
CVE-2025-63561 was published Oct 31, 2025
If the value passed to os.path.expandvars() is user-controlled a performance degradation is... Low Unreviewed
CVE-2025-6075 was published Oct 31, 2025
Denial of service of the web server through specific requests to this protocol Critical Unreviewed
CVE-2025-64388 was published Oct 31, 2025
Malicious or unintentional API requests can be used to add significant amount of data to caches.... High Unreviewed
CVE-2025-30188 was published Oct 31, 2025
LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded... Moderate Unreviewed
CVE-2025-8849 was published Oct 31, 2025
Brotli is vulnerable to a denial of service (DoS) attack due to decompression High
CVE-2025-6176 was published for brotli (pip) Oct 31, 2025
smithcoin
Credited to smithcoin
gnark-crypto allows unchecked memory allocation during vector deserialization High
GHSA-fj2x-735w-74vq was published for github.com/consensys/gnark-crypto (Go) Oct 30, 2025
raefko
Credited to raefko
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability... Moderate Unreviewed
CVE-2025-5342 was published Oct 30, 2025
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This... High Unreviewed
CVE-2025-10932 was published Oct 29, 2025
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` High
CVE-2025-62727 was published for starlette (pip) Oct 28, 2025
ch4n3-yoon nadavaseal
Credited to ch4n3-yoon and nadavaseal
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). High Unreviewed
CVE-2025-54605 was published Oct 28, 2025
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). High Unreviewed
CVE-2025-54604 was published Oct 28, 2025
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local... Moderate Unreviewed
CVE-2025-61155 was published Oct 28, 2025
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via... High Unreviewed
CVE-2025-60349 was published Oct 28, 2025
Liferay Portal Vulnerable to DoS via Crafted Headless API Request High
CVE-2025-62260 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
Keycloak TLS Client-Initiated Renegotiation Denial of Service High
CVE-2025-11419 was published for org.keycloak:keycloak-quarkus-dist (Maven) Oct 27, 2025
Bouncy Castle Vulnerable to Uncontrolled Resource Consumption Moderate
CVE-2025-12194 was published for org.bouncycastle:bc-fips (Maven) Oct 25, 2025
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348)... Moderate Unreviewed
CVE-2025-60419 was published Oct 24, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2025-62475 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62477 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62476 was published Oct 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database