Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,291 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17... Moderate Unreviewed
CVE-2025-1516 was published Jun 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-1478 was published Jun 12, 2025
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... High Unreviewed
CVE-2025-25032 was published Jun 11, 2025
Drupal Admin Audit Trail Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2025-48448 was published for drupal/admin_audit_trail (Composer) Jun 11, 2025
A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled... Moderate Unreviewed
CVE-2025-4605 was published Jun 11, 2025
Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS) High
CVE-2025-49140 was published for github.com/pion/interceptor (Go) Jun 9, 2025
JoeTurki kmansoft
3DRX
Credited to JoeTurki, kmansoft, and 3DRX
CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification High
CVE-2025-47950 was published for github.com/coredns/coredns (Go) Jun 6, 2025
thevilledev dfunkt
Credited to thevilledev and dfunkt
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-22484 was published Jun 6, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-29872 was published Jun 6, 2025
Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful... Moderate Unreviewed
CVE-2024-58114 was published Jun 6, 2025
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash... Moderate Unreviewed
CVE-2025-5683 was published Jun 5, 2025
ReDoS Vulnerability in Rack::Multipart handle_mime_head Moderate
CVE-2025-49007 was published for rack (RubyGems) Jun 5, 2025
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131... High Unreviewed
CVE-2018-25112 was published Jun 4, 2025
A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to... High Unreviewed
CVE-2025-46807 was published Jun 2, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-3050 was published May 29, 2025
An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11,... Moderate Unreviewed
CVE-2025-48738 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 17.10.7, 17... Moderate Unreviewed
CVE-2024-7803 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... High Unreviewed
CVE-2025-0993 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-3111 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-2853 was published May 22, 2025
Allocation of Resources Without Limits or Throttling vulnerability in Drupal Events Log Track... High Unreviewed
CVE-2025-4416 was published May 21, 2025
Tornado vulnerable to excessive logging caused by malformed multipart form data High
CVE-2025-47287 was published for tornado (pip) May 16, 2025
Startr4ck awsactran
Credited to Startr4ck and awsactran
Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt High
GHSA-869w-47c6-fq8q was published for github.com/babylonlabs-io/babylon (Go) May 15, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-29957 was published May 13, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows... Moderate Unreviewed
CVE-2025-29954 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database