GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,831
Maven: 5,000+
npm: 4,462
NuGet: 775
pip: 4,226
Pub: 12
RubyGems: 972
Rust: 1,093
Swift: 47

Unreviewed advisories
All unreviewed: 5,000+

1,382 advisories

A vulnerability was determined in birkir prime up to 0.4.0.beta.0. This affects an unknown...
Moderate | Unreviewed | CVE-2026-1174 was published Jan 19, 2026

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown...
Moderate | Unreviewed | CVE-2025-15532 was published Jan 17, 2026

Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service (DoS) by an authenticated...
Moderate | Unreviewed | CVE-2025-67835 was published Jan 14, 2026

UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially...
Moderate | Unreviewed | CVE-2025-60458 was published Dec 29, 2025

In multiple locations, there is a possible permanent denial of service due to resource exhaustion...
Moderate | Unreviewed | CVE-2025-48569 was published Dec 8, 2025

In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due...
Moderate | Unreviewed | CVE-2025-48603 was published Dec 8, 2025

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the...
Moderate | Unreviewed | CVE-2025-48584 was published Dec 8, 2025

In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to...
Moderate | Unreviewed | CVE-2025-48590 was published Dec 8, 2025

In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there...
Moderate | Unreviewed | CVE-2025-48576 was published Dec 8, 2025

Grav is vulnerable to a DOS on the admin panel
Moderate | CVE-2025-66303 was published for getgrav/grav (Composer) Dec 2, 2025

When reading an HTTP response from a server, if no read amount is specified, the default behavior...
Moderate | Unreviewed | CVE-2025-13836 was published Dec 1, 2025

body-parser is vulnerable to denial of service when url encoding is used
Moderate | CVE-2025-13466 was published for body-parser (npm) Nov 25, 2025

pypdf's LZWDecode streams can be manipulated to exhaust RAM
Moderate | CVE-2025-66019 was published for pypdf (pip) Nov 24, 2025

HackerOne community member Dao Hoang Anh (yoyomiski) has reported an uncontrolled resource...
Moderate | Unreviewed | CVE-2025-55128 was published Nov 20, 2025

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware...
Moderate | Unreviewed | CVE-2025-6599 was published Nov 18, 2025

Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3:...
Moderate | Unreviewed | CVE-2025-27249 was published Nov 11, 2025

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution...
Moderate | Unreviewed | CVE-2025-60753 was published Nov 5, 2025

LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded...
Moderate | Unreviewed | CVE-2025-8849 was published Oct 31, 2025

Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability...
Moderate | Unreviewed | CVE-2025-5342 was published Oct 30, 2025

Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local...
Moderate | Unreviewed | CVE-2025-61155 was published Oct 28, 2025

Bouncy Castle Vulnerable to Uncontrolled Resource Consumption
Moderate | CVE-2025-12194 was published for org.bouncycastle:bc-fips (Maven) Oct 25, 2025

An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348)...
Moderate | Unreviewed | CVE-2025-60419 was published Oct 24, 2025

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:...
Moderate | Unreviewed | CVE-2025-62477 was published Oct 21, 2025

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:...
Moderate | Unreviewed | CVE-2025-62476 was published Oct 21, 2025

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component:...
Moderate | Unreviewed | CVE-2025-62478 was published Oct 21, 2025