Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
A regular expression used by AngularJS'  linky https://docs.angularjs.org/api/ngSanitize/filter... Moderate Unreviewed
CVE-2025-4690 was published Aug 19, 2025
Liferay Portal ReDoS with Role Name search in KaleoDesignerPortlet Moderate
CVE-2025-43764 was published for com.liferay:com.liferay.portal.workflow.kaleo.designer.web (Maven) Aug 23, 2025
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport... High Unreviewed
CVE-2023-0881 was published Mar 31, 2025
Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module Low
CVE-2025-54363 was published for knack (pip) Aug 20, 2025 withdrawn
Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module Low
CVE-2025-54364 was published for knack (pip) Aug 20, 2025 withdrawn
Regular expression denial of service in apache tika Moderate
CVE-2022-30126 was published for org.apache.tika:tika-core (Maven) May 17, 2022
AndrzejBiernacki2010
parse-uri Regular expression Denial of Service (ReDoS) Moderate
CVE-2024-36751 was published for parse-uri (npm) Jan 16, 2025
dsimk
domain-suffix RegEx Denial of Service High
CVE-2024-25354 was published for domain-suffix (npm) Mar 28, 2024
dsimk
useragent Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26311 was published for useragent (npm) Oct 26, 2024
dsimk
nodemailer ReDoS when trying to send a specially crafted email Moderate
GHSA-9h6g-pr28-7cqp was published for nodemailer (npm) Jan 31, 2024
francoatmega dsimk
Inefficient Regular Expression Complexity in Liferay Portal High
CVE-2022-42124 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity High
CVE-2025-58451 was published for cattown (npm) Sep 9, 2025
Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer Moderate
CVE-2025-6638 was published for transformers (pip) Sep 12, 2025
Hugging Face Transformers library has Regular Expression Denial of Service Moderate
CVE-2025-6051 was published for transformers (pip) Sep 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database