Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,030 advisories

Loading
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a... High Unreviewed
CVE-2025-63561 was published Oct 31, 2025
Brotli is vulnerable to a denial of service (DoS) attack due to decompression High
CVE-2025-6176 was published for brotli (pip) Oct 31, 2025
If the value passed to os.path.expandvars() is user-controlled a performance degradation is... Low Unreviewed
CVE-2025-6075 was published Oct 31, 2025
Denial of service of the web server through specific requests to this protocol Critical Unreviewed
CVE-2025-64388 was published Oct 31, 2025
Malicious or unintentional API requests can be used to add significant amount of data to caches.... High Unreviewed
CVE-2025-30188 was published Oct 31, 2025
LibreChat version 0.7.9 is vulnerable to a Denial of Service (DoS) attack due to unbounded... Moderate Unreviewed
CVE-2025-8849 was published Oct 31, 2025
gnark-crypto allows unchecked memory allocation during vector deserialization High
GHSA-fj2x-735w-74vq was published for github.com/consensys/gnark-crypto (Go) Oct 30, 2025
raefko
Credited to raefko
In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated... High Unreviewed
CVE-2025-38501 was published Aug 16, 2025
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability... Moderate Unreviewed
CVE-2025-5342 was published Oct 30, 2025
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 2 of 2). High Unreviewed
CVE-2025-54605 was published Oct 28, 2025
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This... High Unreviewed
CVE-2025-10932 was published Oct 29, 2025
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2). High Unreviewed
CVE-2025-54604 was published Oct 28, 2025
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local... Moderate Unreviewed
CVE-2025-61155 was published Oct 28, 2025
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via... High Unreviewed
CVE-2025-60349 was published Oct 28, 2025
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` High
CVE-2025-62727 was published for starlette (pip) Oct 28, 2025
ch4n3-yoon
Credited to ch4n3-yoon
Liferay Portal Vulnerable to DoS via Crafted Headless API Request High
CVE-2025-62260 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
An issue in SunOS Omnios v5.11 allows attackers to cause a Denial of Service (DoS) via repeatedly... High Unreviewed
CVE-2024-57412 was published Sep 29, 2025
Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP... High Unreviewed
CVE-2025-56233 was published Sep 29, 2025
AT_NA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the... High Unreviewed
CVE-2025-56234 was published Sep 29, 2025
The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which... High Unreviewed
CVE-2025-57440 was published Sep 22, 2025
Bouncy Castle Vulnerable to Uncontrolled Resource Consumption Moderate
CVE-2025-12194 was published for org.bouncycastle:bc-fips (Maven) Oct 25, 2025
Keycloak TLS Client-Initiated Renegotiation Denial of Service High
CVE-2025-11419 was published for org.keycloak:keycloak-quarkus-dist (Maven) Oct 27, 2025
ProcessWire CMS vulnerable to resource-exhaustion Denial of Service Moderate
CVE-2025-60790 was published for processwire/processwire (Composer) Oct 21, 2025
An issue was discovered in the NDIS Usermode IO driver (RtkIOAC60.sys, version 6.0.5600.16348)... Moderate Unreviewed
CVE-2025-60419 was published Oct 24, 2025
Parallax is vulnerable to DoS via malicious p2p message High
GHSA-xc79-566c-j4qx was published for github.com/microstack-tech/parallax (Go) Oct 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database