GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,053 advisories
BACnet Test Server versions up to and including 1.01 contains a remote denial of service...
High | Unreviewed | CVE-2020-36872 was published Nov 27, 2025

An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an...
High | Unreviewed | CVE-2025-51741 was published Nov 25, 2025

body-parser is vulnerable to denial of service when url encoding is used
Moderate | CVE-2025-13466 was published for body-parser (npm) Nov 25, 2025

pypdf's LZWDecode streams be manipulated to exhaust RAM
Moderate | CVE-2025-66019 was published for pypdf (pip) Nov 24, 2025

NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST
High | CVE-2025-60638 was published for github.com/free5gc/nssf (Go) Nov 24, 2025

thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
High | CVE-2025-65947 was published for thread-amount (Rust) Nov 21, 2025

A vulnerability in the web-based management interface of affected products could allow an...
High | Unreviewed | CVE-2025-37161 was published Nov 18, 2025

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware...
Moderate | Unreviewed | CVE-2025-6599 was published Nov 18, 2025

Denial-of-service condition in M-Files Server versions before 25.11.15392.1 allows an...
High | Unreviewed | CVE-2025-11681 was published Nov 17, 2025

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in...
High | Unreviewed | CVE-2021-4467 was published Nov 15, 2025

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2...
High | Unreviewed | CVE-2021-4465 was published Nov 15, 2025

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive...
High | Unreviewed | CVE-2023-7326 was published Nov 13, 2025

jose2go is vulnerable to a JWT bomb attack through its decode function
High | CVE-2025-63811 was published for github.com/dvsekhvalnov/jose2go (Go) Nov 12, 2025

Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3:...
Moderate | Unreviewed | CVE-2025-27249 was published Nov 11, 2025

In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in...
High | Unreviewed | CVE-2025-63288 was published Nov 10, 2025

An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows...
High | Unreviewed | CVE-2025-63560 was published Nov 6, 2025

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution...
Moderate | Unreviewed | CVE-2025-60753 was published Nov 5, 2025

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling...
High | Unreviewed | CVE-2025-49494 was published Nov 4, 2025

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS...
High | Unreviewed | CVE-2025-43462 was published Nov 4, 2025

The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS...
High | Unreviewed | CVE-2025-43424 was published Nov 4, 2025

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
High | Unreviewed | CVE-2025-43385 was published Nov 4, 2025

Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a...
High | Unreviewed | CVE-2025-63561 was published Oct 31, 2025

If the value passed to os.path.expandvars() is user-controlled a performance degradation is...
Low | Unreviewed | CVE-2025-6075 was published Oct 31, 2025

Denial of service of the web server through specific requests to this protocol
Critical | Unreviewed | CVE-2025-64388 was published Oct 31, 2025

Malicious or unintentional API requests can be used to add significant amount of data to caches....
High | Unreviewed | CVE-2025-30188 was published Oct 31, 2025