GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
1,344 advisories
Filter by severity
Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by...
Moderate
Unreviewed
CVE-2023-45196
was published
Jun 24, 2024
MLflow Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2025-0453
was published
for
mlflow
(pip)
Mar 20, 2025
LlamaIndex Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-12910
was published
for
llama-index
(pip)
Mar 20, 2025
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode
Moderate
CVE-2024-3651
was published
for
idna
(pip)
Apr 11, 2024
zipp Denial of Service vulnerability
Moderate
CVE-2024-5569
was published
for
zipp
(pip)
Jul 9, 2024
An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of...
Moderate
Unreviewed
CVE-2024-5208
was published
Jun 19, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in gaizhenbiao/chuanhuchatgpt...
Moderate
Unreviewed
CVE-2024-10955
was published
Mar 20, 2025
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
Moderate
CVE-2025-61620
was published
for
vllm
(pip)
Oct 7, 2025
NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of...
Moderate
Unreviewed
CVE-2025-33177
was published
Oct 14, 2025
A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an...
Moderate
Unreviewed
CVE-2025-37148
was published
Oct 14, 2025
A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently...
Moderate
Unreviewed
CVE-2025-37139
was published
Oct 14, 2025
A weakness has been identified in Tomofun Furbo 360 up to FB0035_FW_036. This vulnerability...
Moderate
Unreviewed
CVE-2025-11635
was published
Oct 12, 2025
Authlib : JWE zip=DEF decompression bomb enables DoS
Moderate
GHSA-g7f3-828f-7h7m
was published
for
authlib
(pip)
Oct 10, 2025
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform...
Moderate
Unreviewed
CVE-2025-20370
was published
Oct 1, 2025
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If...
Moderate
Unreviewed
CVE-2025-52867
was published
Oct 3, 2025
A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the...
Moderate
Unreviewed
CVE-2025-11274
was published
Oct 5, 2025
Denial of Service in node-static
Moderate
GHSA-8r4g-cg4m-x23c
was published
for
node-static
(npm)
Sep 22, 2021
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial...
Moderate
Unreviewed
CVE-2014-2342
was published
May 17, 2022
The Flock Safety Android Collins application (aka com.flocksafety.android.collins) 6.35.31 for...
Moderate
Unreviewed
CVE-2025-59403
was published
Oct 2, 2025
Elasticsearch Uncontrolled Resource Consumption Vulnerability
Moderate
CVE-2024-52979
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 1, 2025
A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This...
Moderate
Unreviewed
CVE-2025-7074
was published
Jul 5, 2025
Uncontrolled Resource Consumption in Spray JSON
Moderate
CVE-2018-18855
was published
for
io.spray:spray-json_2.10
(Maven)
Jun 28, 2022
A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and...
Moderate
Unreviewed
CVE-2025-6365
was published
Jun 20, 2025
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2020-28500
was published
for
lodash
(RubyGems)
Jan 6, 2022
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2019-1010266
was published
for
lodash
(RubyGems)
Jul 19, 2019
ProTip!
Advisories are also available from the
GraphQL API