GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,343 advisories
GraphQL Armor Max-Depth Plugin Bypass via fragment caching
Moderate: GHSA-224p-v68g-5g8f was published for @escape.tech/graphql-armor-max-depth (npm) on Aug 26, 2025

GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation
Moderate: GHSA-hmfr-rx46-4jx2 was published for @escape.tech/graphql-armor-max-depth (npm) on Aug 26, 2025

Bouncy Castle for Java has Uncontrolled Resource Consumption Vulnerability
Moderate: CVE-2025-9341 was published for org.bouncycastle:bc-fips (Maven) on Aug 22, 2025

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function...
Moderate, Unreviewed: CVE-2025-9308 was published on Aug 21, 2025

An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated...
Moderate, Unreviewed: CVE-2025-55521 was published on Aug 21, 2025

CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of...
Moderate, Unreviewed: CVE-2025-8449 was published on Aug 20, 2025

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in...
Moderate, Unreviewed: CVE-2025-55028 was published on Aug 19, 2025

PyPDF's Manipulated FlateDecode streams can exhaust RAM
Moderate: CVE-2025-55197 was published for pypdf (pip) on Aug 13, 2025

Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series...
Moderate, Unreviewed: CVE-2025-26697 was published on Aug 12, 2025

Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for...
Moderate, Unreviewed: CVE-2025-27250 was published on Aug 12, 2025

Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series...
Moderate, Unreviewed: CVE-2025-26863 was published on Aug 12, 2025

Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for...
Moderate, Unreviewed: CVE-2025-26472 was published on Aug 12, 2025

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Moderate, Unreviewed: CVE-2025-40766 was published on Aug 12, 2025

Oak Server has ReDoS in x-forwarded-proto and x-forwarded-for headers
Moderate: CVE-2025-55152 was published for @oakserver/oak (npm) on Aug 12, 2025

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0...
Moderate, Unreviewed: CVE-2025-8537 was published on Aug 5, 2025

MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion
Moderate: CVE-2025-53012 was published for MaterialX (pip) on Jul 31, 2025

SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks
Moderate: CVE-2025-54575 was published for SixLabors.ImageSharp (NuGet) on Jul 30, 2025

Ruby SAML DOS vulnerability with large SAML response
Moderate: CVE-2025-54572 was published for ruby-saml (RubyGems) on Jul 30, 2025

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6....
Moderate, Unreviewed: CVE-2025-43235 was published on Jul 30, 2025

A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected...
Moderate, Unreviewed: CVE-2025-8263 was published on Jul 28, 2025

A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic....
Moderate, Unreviewed: CVE-2025-8262 was published on Jul 28, 2025

vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist...
Moderate, Unreviewed: CVE-2025-46171 was published on Jul 23, 2025

A high privileged remote attacker can exhaust critical system resources by sending specifically...
Moderate, Unreviewed: CVE-2025-41677 was published on Jul 21, 2025

A high privileged remote attacker can exhaust critical system resources by sending specifically...
Moderate, Unreviewed: CVE-2025-41676 was published on Jul 21, 2025

A DOS vulnerability in RSFiles! component 1.16.3-1.17.7 Joomla was discovered. The issue allows...
Moderate, Unreviewed: CVE-2025-50057 was published on Jul 18, 2025