Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,904
Erlang
38
GitHub Actions
38
Go
2,566
Maven
5,000+
npm
4,237
NuGet
753
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

82 advisories

Loading
Sinatra is vulnerable to ReDoS through ETag header value generation Low
CVE-2025-61921 was published for sinatra (RubyGems) Oct 10, 2025
dentarg
Credited to dentarg
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to... Low Unreviewed
CVE-2014-2343 was published May 17, 2022
Ackites KillWxapkg Zip Bomb Resource Exhaustion Low
CVE-2025-5031 was published for github.com/Ackites/KillWxapkg (Go) May 21, 2025
achibear
Credited to achibear
REXML has DoS condition when parsing malformed XML file Low
CVE-2025-58767 was published for rexml (RubyGems) Sep 17, 2025
sofiaaberegg
Credited to sofiaaberegg
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40802 was published Sep 9, 2025
Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability Low
CVE-2025-9092 was published for org.bouncycastle:bc-fips (Maven) Aug 16, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for... Low Unreviewed
CVE-2025-27576 was published Aug 12, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). ... Low Unreviewed
CVE-2025-50100 was published Jul 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Low Unreviewed
CVE-2025-50098 was published Jul 15, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component:... Low Unreviewed
CVE-2025-30752 was published Jul 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Low Unreviewed
CVE-2025-50104 was published Jul 15, 2025
pm2 Regular Expression Denial of Service vulnerability Low
CVE-2025-5891 was published for pm2 (npm) Jun 9, 2025
mhassan1
Credited to mhassan1
A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as... Low Unreviewed
CVE-2025-4215 was published May 2, 2025
brace-expansion Regular Expression Denial of Service vulnerability Low
CVE-2025-5889 was published for brace-expansion (npm) Jun 9, 2025
turi4200 carboneater
viceice
Credited to turi4200, carboneater, and viceice
Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Low Unreviewed
CVE-2025-20616 was published May 13, 2025
Mattermost fails to limit the size of a request path Low
CVE-2024-22091 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Apache Commons Configuration Uncontrolled Resource Consumption Low
CVE-2025-46392 was published for commons-configuration:commons-configuration (Maven) May 9, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Low Unreviewed
CVE-2025-30681 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). ... Low Unreviewed
CVE-2024-21231 was published Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Low Unreviewed
CVE-2024-21232 was published Oct 15, 2024
Microsoft Access Denial of Service Vulnerability Low Unreviewed
CVE-2023-29333 was published May 9, 2023
ReDoS based DoS vulnerability in Action Dispatch Low
CVE-2023-22792 was published for actionpack (RubyGems) Jan 18, 2023
robertoz-01 postmodern
Credited to robertoz-01 and postmodern
Mattermost Server Resource Exhaustion Low
CVE-2024-28053 was published for github.com/mattermost/mattermost-server (Go) Mar 15, 2024
A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any... Low Unreviewed
CVE-2024-6126 was published Jul 3, 2024
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled... Low Unreviewed
CVE-2024-6501 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database