Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,556
Maven
5,000+
npm
4,228
NuGet
747
pip
4,000
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,507 advisories

Loading
Liferay Portal: Missing Rate Limiting in GraphQL Endpoint Enables Resource Exhaustion Attack High
CVE-2025-43796 was published for com.liferay:com.liferay.portal.vulcan.api (Maven) Sep 12, 2025
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Integer overflow and invalid... High Unreviewed
CVE-2025-57614 was published Sep 10, 2025
A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software... High Unreviewed
CVE-2025-20340 was published Sep 10, 2025
Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity High
CVE-2025-58451 was published for cattown (npm) Sep 9, 2025
cai0duque
Credited to cai0duque
An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2025-52322 was published Sep 9, 2025
Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build.c, the... High Unreviewed
CVE-2025-52288 was published Sep 8, 2025
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due... High Unreviewed
CVE-2025-52494 was published Sep 8, 2025
Liferay Portal Vulnerable to Denial of Service in Kaleo Forms Admin High
CVE-2025-43772 was published for com.liferay:com.liferay.portal.workflow.kaleo.forms.web (Maven) Sep 4, 2025
Denial of service High Unreviewed
CVE-2025-36892 was published Sep 4, 2025
gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm High
CVE-2025-58157 was published for github.com/consensys/gnark (Go) Aug 29, 2025
feltroidprime
Credited to feltroidprime
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was... High Unreviewed
CVE-2025-55631 was published Aug 22, 2025
Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video... High Unreviewed
CVE-2025-55634 was published Aug 22, 2025
Denial-of-Service attack in pyLoad CNL Blueprint using dukpy.evaljs High
CVE-2025-57751 was published for pyload-ng (pip) Aug 21, 2025
cyjhhh
Credited to cyjhhh
vllm API endpoints vulnerable to Denial of Service Attacks High
CVE-2025-48956 was published for vllm (pip) Aug 21, 2025
jperezdealgaba russellb
taneem-ibrahim
Credited to jperezdealgaba, russellb, and taneem-ibrahim
Eclipse Jetty affected by MadeYouReset HTTP/2 vulnerability High
CVE-2025-5115 was published for org.eclipse.jetty.http2:http2-common (Maven) Aug 20, 2025
galbarnahum AnatBB
YanivRL
Credited to galbarnahum, AnatBB, and YanivRL
'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability... High Unreviewed
CVE-2025-9182 was published Aug 19, 2025
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in... High Unreviewed
CVE-2025-55029 was published Aug 19, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip... High Unreviewed
CVE-2025-55588 was published Aug 18, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url... High Unreviewed
CVE-2025-55586 was published Aug 18, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname... High Unreviewed
CVE-2025-55587 was published Aug 18, 2025
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the... High Unreviewed
CVE-2025-50615 was published Aug 13, 2025
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized... High Unreviewed
CVE-2025-53722 was published Aug 12, 2025
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2025-46206 was published Aug 4, 2025
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an... High Unreviewed
CVE-2025-50420 was published Aug 4, 2025
NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component... High Unreviewed
CVE-2024-42651 was published Jul 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database