Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,831
Maven
5,000+
npm
4,462
NuGet
775
pip
4,226
Pub
12
RubyGems
972
Rust
1,093
Swift
47
Unreviewed advisories
All unreviewed
5,000+

3,105 advisories

Loading
Denial of service of the web server through specific requests to this protocol Critical Unreviewed
CVE-2025-64388 was published Oct 31, 2025
Malicious or unintentional API requests can be used to add significant amount of data to caches.... High Unreviewed
CVE-2025-30188 was published Oct 31, 2025
LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded... Moderate Unreviewed
CVE-2025-8849 was published Oct 31, 2025
Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation High
CVE-2025-6176 was published for Scrapy (pip) Oct 31, 2025
smithcoin Cycloctane
Credited to smithcoin and Cycloctane
gnark-crypto allows unchecked memory allocation during vector deserialization High
GHSA-fj2x-735w-74vq was published for github.com/consensys/gnark-crypto (Go) Oct 30, 2025
raefko
Credited to raefko
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability... Moderate Unreviewed
CVE-2025-5342 was published Oct 30, 2025
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This... High Unreviewed
CVE-2025-10932 was published Oct 29, 2025
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` High
CVE-2025-62727 was published for starlette (pip) Oct 28, 2025
ch4n3-yoon nadavaseal
Credited to ch4n3-yoon and nadavaseal
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). High Unreviewed
CVE-2025-54604 was published Oct 28, 2025
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). High Unreviewed
CVE-2025-54605 was published Oct 28, 2025
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local... Moderate Unreviewed
CVE-2025-61155 was published Oct 28, 2025
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via... High Unreviewed
CVE-2025-60349 was published Oct 28, 2025
Liferay Portal Vulnerable to DoS via Crafted Headless API Request High
CVE-2025-62260 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
Keycloak TLS Client-Initiated Renegotiation Denial of Service High
CVE-2025-11419 was published for org.keycloak:keycloak-quarkus-dist (Maven) Oct 27, 2025
Bouncy Castle Vulnerable to Uncontrolled Resource Consumption Moderate
CVE-2025-12194 was published for org.bouncycastle:bc-fips (Maven) Oct 25, 2025
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348)... Moderate Unreviewed
CVE-2025-60419 was published Oct 24, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62476 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62477 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:... Moderate Unreviewed
CVE-2025-62478 was published Oct 21, 2025
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2025-62475 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-53062 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-53053 was published Oct 21, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The... Moderate Unreviewed
CVE-2025-53068 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-53054 was published Oct 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-53067 was published Oct 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database