Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,821
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,459 advisories

Loading
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04.... High Unreviewed
CVE-2025-41360 was published Jun 6, 2025
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04.... High Unreviewed
CVE-2025-41361 was published Jun 6, 2025
org.ini4j allows attackers to cause a Denial of Service (DoS) High
CVE-2022-41404 was published for org.ini4j:ini4j (Maven) Oct 12, 2022
cx-eilon-cohen
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of... High Unreviewed
CVE-2025-3112 was published Jun 10, 2025
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an... High Unreviewed
CVE-2025-33068 was published Jun 10, 2025
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS)... High Unreviewed
CVE-2025-32724 was published Jun 10, 2025
kangax html-minifier REDoS vulnerability High
CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
DanielRuf
Undertow Uncontrolled Resource Consumption High
CVE-2021-3629 was published for io.undertow:undertow-core (Maven) May 25, 2022
nhakmiller
Liferay Portal does not limit the depth of a GraphQL queries High
CVE-2025-3602 was published for com.liferay:com.liferay.portal.vulcan.impl (Maven) Jun 16, 2025
Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session High
CVE-2025-3526 was published for com.liferay.portal:com.liferay.portal.kernel (Maven) Jun 16, 2025
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment,... High Unreviewed
CVE-2023-42358 was published Jan 3, 2024
ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory... High Unreviewed
CVE-2025-49763 was published Jun 19, 2025
launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of... High Unreviewed
CVE-2023-52113 was published Jan 16, 2024
Spring Framework server Web DoS Vulnerability High
CVE-2024-22233 was published for org.springframework:spring-core (Maven) Jan 22, 2024
aruneko reva
YukiInu fnxpt schmidt-fu tolmaidis LukaszGrzesik
An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of... High Unreviewed
CVE-2025-44531 was published Jun 24, 2025
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU:... High Unreviewed
CVE-2019-6535 was published May 13, 2022
ZenML unauthenticated DoS via Multipart Boundry High
CVE-2024-9340 was published for zenml (pip) Mar 20, 2025
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting... High Unreviewed
CVE-2025-6297 was published Jul 1, 2025
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect... High Unreviewed
CVE-2025-6714 was published Jul 7, 2025
Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo... High Unreviewed
CVE-2025-53481 was published Jul 4, 2025
Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack High
CVE-2017-7670 was published for github.com/apache/trafficcontrol (Go) May 13, 2022
Zimbra Collaboration Suite (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before... High Unreviewed
CVE-2025-53645 was published Jul 9, 2025
Apache James vulnerable to denial of service through the use of IMAP literals High
CVE-2024-37358 was published for org.apache.james.protocols:protocols-imap (Maven) Feb 6, 2025
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections,... High Unreviewed
CVE-2025-5024 was published May 22, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability High
CVE-2024-7036 was published for open-webui (pip) Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database