Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

973 advisories

Loading
A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly... Low Unreviewed
CVE-2025-8277 was published Sep 9, 2025
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt... Moderate Unreviewed
CVE-2025-9165 was published Aug 19, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall... Moderate Unreviewed
CVE-2025-20254 was published Aug 14, 2025
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security... Moderate Unreviewed
CVE-2025-20135 was published Aug 14, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall... Moderate Unreviewed
CVE-2025-20252 was published Aug 14, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS... Moderate Unreviewed
CVE-2025-20225 was published Aug 14, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall... Moderate Unreviewed
CVE-2025-20224 was published Aug 14, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS... High Unreviewed
CVE-2025-20239 was published Aug 14, 2025
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of... High Unreviewed
CVE-2025-20133 was published Aug 14, 2025
Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for... Moderate Unreviewed
CVE-2025-20077 was published Aug 12, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-27562 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-24925 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-24844 was published Aug 11, 2025
LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak. Moderate Unreviewed
CVE-2025-54939 was published Aug 1, 2025
A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects... Moderate Unreviewed
CVE-2025-8225 was published Jul 27, 2025
Redis through 7.4.3 allows memory consumption via a multi-bulk command composed of many bulks,... Moderate Unreviewed
CVE-2025-46686 was published Jul 23, 2025
NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial... Moderate Unreviewed
CVE-2024-42649 was published Jul 14, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon... Moderate Unreviewed
CVE-2025-52986 was published Jul 11, 2025
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue... High Unreviewed
CVE-2025-53020 was published Jul 10, 2025
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue... Moderate Unreviewed
CVE-2025-7068 was published Jul 4, 2025
A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is... Moderate Unreviewed
CVE-2025-6498 was published Jun 23, 2025
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an... High Unreviewed
CVE-2025-29828 was published Jun 10, 2025
A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0.... Moderate Unreviewed
CVE-2025-5324 was published May 29, 2025
Multer vulnerable to Denial of Service via memory leaks from unclosed streams High
CVE-2025-47935 was published for multer (npm) May 19, 2025
ctcpip UlisesGascon
UnlimitedBytes
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in ... Low Unreviewed
CVE-2025-23165 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database