Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

924 advisories

Loading
Ribose RNP before 0.16.3 may hang when the input is malformed. Moderate Unreviewed
CVE-2023-29479 was published Apr 24, 2023
Allocation of Resources Without Limits or Throttling vulnerability in Shelly Pro 4PM (before v1.6... High Unreviewed
CVE-2025-11243 was published Nov 19, 2025
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through... Moderate Unreviewed
CVE-2025-59089 was published Nov 12, 2025
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user... Moderate Unreviewed
CVE-2025-54320 was published Nov 18, 2025
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message,... High Unreviewed
CVE-2025-32049 was published Apr 3, 2025
EasyFlow GP developed by Digiwin has a Denial of service vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-13165 was published Nov 17, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53410 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53409 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Moderate Unreviewed
CVE-2025-53413 was published Nov 7, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Low Unreviewed
CVE-2025-53411 was published Nov 7, 2025
A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of... Moderate Unreviewed
CVE-2025-12748 was published Nov 11, 2025
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes... Moderate Unreviewed
CVE-2025-36136 was published Nov 7, 2025
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes... Moderate Unreviewed
CVE-2025-36008 was published Nov 7, 2025
Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU... Critical Unreviewed
CVE-2025-11832 was published Oct 15, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6,... Moderate Unreviewed
CVE-2025-43211 was published Jul 30, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0... Moderate Unreviewed
CVE-2023-51334 was published Feb 20, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3... Moderate Unreviewed
CVE-2023-51309 was published Feb 20, 2025
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park... Moderate Unreviewed
CVE-2023-51310 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1... Moderate Unreviewed
CVE-2023-51339 was published Feb 20, 2025
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed
CVE-2021-41840 was published Feb 10, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2024-20968 was published Feb 17, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers... High Unreviewed
CVE-2023-50387 was published Feb 14, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31880 was published Oct 23, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU... Moderate Unreviewed
CVE-2024-23184 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database