Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,312 advisories

Loading
A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of... Moderate Unreviewed
CVE-2025-12748 was published Nov 11, 2025
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes... Moderate Unreviewed
CVE-2025-36136 was published Nov 7, 2025
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes... Moderate Unreviewed
CVE-2025-36008 was published Nov 7, 2025
Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU... Critical Unreviewed
CVE-2025-11832 was published Oct 15, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53410 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53409 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Low Unreviewed
CVE-2025-53411 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53413 was published Nov 7, 2025
Consul event endpoint is vulnerable to denial of service Moderate
CVE-2025-11375 was published for github.com/hashicorp/consul (Go) Oct 28, 2025
Consul key/value endpoint is vulnerable to denial of service Moderate
CVE-2025-11374 was published for github.com/hashicorp/consul (Go) Oct 28, 2025
Eclipse Jetty affected by MadeYouReset HTTP/2 vulnerability High
CVE-2025-5115 was published for org.eclipse.jetty.http2:http2-common (Maven) Aug 20, 2025
galbarnahum AnatBB
YanivRL
Credited to galbarnahum, AnatBB, and YanivRL
Netty affected by MadeYouReset HTTP/2 DDoS vulnerability High
CVE-2025-55163 was published for io.grpc:grpc-netty-shaded (Maven) Aug 13, 2025
galbarnahum AnatBB
YanivRL aikebah jjweston if-of
Credited to galbarnahum, AnatBB, YanivRL, aikebah, jjweston, and if-of
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6,... Moderate Unreviewed
CVE-2025-43211 was published Jul 30, 2025
Django denial-of-service attack in the intcomma template filter High
CVE-2024-24680 was published for Django (pip) Feb 7, 2024
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0... Moderate Unreviewed
CVE-2023-51334 was published Feb 20, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3... Moderate Unreviewed
CVE-2023-51309 was published Feb 20, 2025
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1... Moderate Unreviewed
CVE-2023-51339 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park... Moderate Unreviewed
CVE-2023-51310 was published Feb 20, 2025
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed
CVE-2021-41840 was published Feb 10, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2024-20968 was published Feb 17, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers... High Unreviewed
CVE-2023-50387 was published Feb 14, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31880 was published Oct 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database