Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

976 advisories

Loading
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it... High Unreviewed
CVE-2024-12705 was published Jan 30, 2025
github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read Moderate
GHSA-29qp-crvh-w22m was published for github.com/hashicorp/yamux (Go) Jan 29, 2025
An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the... High Unreviewed
CVE-2024-57519 was published Jan 29, 2025
In AXESS ACS (Auto Configuration Server) through 5.2.0, unsanitized user input in the TR069 API... High Unreviewed
CVE-2024-56316 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma... Critical Unreviewed
CVE-2025-24163 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura... Critical Unreviewed
CVE-2025-24124 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24139 was published Jan 28, 2025
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3,... Moderate Unreviewed
CVE-2025-24158 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura... Critical Unreviewed
CVE-2025-24123 was published Jan 28, 2025
An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions... Moderate Unreviewed
CVE-2025-0695 was published Jan 27, 2025
An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev may... High Unreviewed
CVE-2024-55195 was published Jan 24, 2025
Unlimited consumption of resources in @fastify/multipart High
CVE-2025-24033 was published for @fastify/multipart (npm) Jan 23, 2025
Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an... Moderate Unreviewed
CVE-2025-0635 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-43708 was published Jan 23, 2025
An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a... Moderate Unreviewed
CVE-2024-52972 was published Jan 23, 2025
DoS in Cilium agent DNS proxy from crafted DNS responses Moderate
CVE-2025-23028 was published for github.com/cilium/cilium (Go) Jan 22, 2025
bimmlerd kokelley-cisco
Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a... High Unreviewed
CVE-2023-37014 was published Jan 22, 2025
Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `UE Context Release Request`... High Unreviewed
CVE-2023-37022 was published Jan 22, 2025
In multiple locations, there is a possible failure to persist permissions settings due to... High Unreviewed
CVE-2024-49735 was published Jan 22, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). ... Moderate Unreviewed
CVE-2025-21543 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2025-21545 was published Jan 21, 2025
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ... Critical Unreviewed
CVE-2025-21547 was published Jan 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2025-21549 was published Jan 21, 2025
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). ... Moderate Unreviewed
CVE-2025-21548 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21494 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database