GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,722
Erlang: 35
GitHub Actions: 29
Go: 2,306
Maven: 5,000+
npm: 3,947
NuGet: 711
pip: 3,727
Pub: 12
RubyGems: 920
Rust: 964
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
2,779 advisories
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource...
High | Unreviewed | CVE-2023-48834 was published Dec 7, 2023
A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an...
High | Unreviewed | CVE-2022-37884 was published Sep 21, 2022
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong...
Moderate | Unreviewed | CVE-2025-26466 was published Mar 1, 2025
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
Moderate | CVE-2024-52980 was published for org.elasticsearch:elasticsearch (Maven) Apr 8, 2025
Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
Moderate | CVE-2024-52981 was published for org.elasticsearch:elasticsearch (Maven) Apr 8, 2025
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption)...
High | Unreviewed | CVE-2022-40188 was published Sep 25, 2022
phpMyAdmin Denial Of Service (DOS) attack
High | CVE-2016-5706 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS...
High | Unreviewed | CVE-2022-32790 was published Sep 25, 2022
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows...
High | Unreviewed | CVE-2023-41151 was published Dec 14, 2023
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections,...
High | Unreviewed | CVE-2025-5024 was published May 22, 2025
Ackites KillWxapkg Zip Bomb Resource Exhaustion
Low | CVE-2025-5031 was published for github.com/Ackites/KillWxapkg (Go) May 21, 2025
On Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task can...
High | Unreviewed | CVE-2022-34326 was published Sep 28, 2022
An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo...
Moderate | Unreviewed | CVE-2022-41842 was published Oct 1, 2022
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in...
Moderate | Unreviewed | CVE-2022-41844 was published Oct 1, 2022
css-what vulnerable to ReDoS due to use of insecure regular expression
High | CVE-2022-21222 was published for css-what (npm) Oct 1, 2022
Linkerd resource exhaustion vulnerability
Moderate | CVE-2025-43915 was published for github.com/linkerd/linkerd2 (Go) May 5, 2025
org.ini4j allows attackers to cause a Denial of Service (DoS)
High | CVE-2022-41404 was published for org.ini4j:ini4j (Maven) Oct 12, 2022
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest...
Moderate | Unreviewed | CVE-2025-41226 was published May 20, 2025
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain...
Moderate | Unreviewed | CVE-2025-41227 was published May 20, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker...
Moderate | Unreviewed | CVE-2025-29957 was published May 13, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows...
Moderate | Unreviewed | CVE-2025-29954 was published May 13, 2025
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized...
High | Unreviewed | CVE-2025-26677 was published May 13, 2025
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs...
High | Unreviewed | CVE-2023-49550 was published Jan 3, 2024
Meteor Affected By Inefficient Regular Expression Complexity
Moderate | CVE-2025-4727 was published for meteor (npm) May 16, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource...
High | Unreviewed | CVE-2025-26481 was published May 15, 2025
ProTip! Advisories are also available from the GraphQL API