Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,075 advisories

Loading
Apache CXF: Denial of Service vulnerability with temporary files High
CVE-2025-23184 was published for org.apache.cxf:cxf-core (Maven) Jan 21, 2025
Hash collision in typelevel jawn Moderate
CVE-2022-21653 was published for org.typelevel:jawn-parser_0.25 (Maven) Jan 6, 2022
nrktkt
Credited to nrktkt
On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can... High Unreviewed
CVE-2025-8872 was published Dec 16, 2025
Better Auth's rou3 Dependency has Double-Slash Path Normalization which can Bypass disabledPaths Config and Rate Limits High
GHSA-x732-6j76-qmhm was published for better-auth (npm) Dec 16, 2025
goksan
Credited to goksan
SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication... High Unreviewed
CVE-2023-53873 was published Dec 15, 2025
Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up High
GHSA-5j59-xgg2-r9c4 was published for next (npm) Dec 12, 2025
Vite Plugin React has a Denial of Service Vulnerability in React Server Components High
GHSA-cpqf-f22c-r95x was published for @vitejs/plugin-rsc (npm) Dec 12, 2025
Denial of Service Vulnerability in React Server Components High
CVE-2025-67779 was published for react-server-dom-parcel (npm) Dec 12, 2025
minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash... High Unreviewed
CVE-2024-58306 was published Dec 12, 2025
Next Vulnerable to Denial of Service with Server Components High
GHSA-mwv6-3258-q52c was published for next (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
Denial of Service Vulnerability in React Server Components High
CVE-2025-55184 was published for react-server-dom-parcel (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before... High Unreviewed
CVE-2025-65803 was published Dec 10, 2025
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file... High Unreviewed
CVE-2023-52355 was published Jan 25, 2024
In multiple locations, there is a possible permanent denial of service due to resource exhaustion... Moderate Unreviewed
CVE-2025-48569 was published Dec 8, 2025
In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due... Moderate Unreviewed
CVE-2025-48603 was published Dec 8, 2025
In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence... High Unreviewed
CVE-2025-48615 was published Dec 8, 2025
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service... High Unreviewed
CVE-2025-48631 was published Dec 8, 2025
In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there... Moderate Unreviewed
CVE-2025-48576 was published Dec 8, 2025
In multiple functions of NotificationManagerService.java, there is a possible way to bypass the... Moderate Unreviewed
CVE-2025-48584 was published Dec 8, 2025
In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to... Moderate Unreviewed
CVE-2025-48590 was published Dec 8, 2025
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak... High Unreviewed
CVE-2021-47295 was published May 21, 2024
When reading an HTTP response from a server, if no read amount is specified, the default behavior... Moderate Unreviewed
CVE-2025-13836 was published Dec 1, 2025
Logrus is vulnerable to DoS when using Entry.Writer() High
CVE-2025-65637 was published for github.com/sirupsen/logrus (Go) Dec 4, 2025
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local... Moderate Unreviewed
CVE-2025-61155 was published Oct 28, 2025
Rhino has high CPU usage and potential DoS when passing specific numbers to `toFixed()` function Low
CVE-2025-66453 was published for org.mozilla:rhino (Maven) Dec 3, 2025
TechPizzaDev
Credited to TechPizzaDev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database