Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,229 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix... Moderate Unreviewed
CVE-2025-21866 was published Mar 12, 2025
A vulnerability in the handling of specific packets that are punted from a line card to a route... High Unreviewed
CVE-2025-20141 was published Mar 12, 2025
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software... High Unreviewed
CVE-2025-20209 was published Mar 12, 2025
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses High
CVE-2025-25293 was published for ruby-saml (RubyGems) Mar 12, 2025
p-
An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8... Moderate Unreviewed
CVE-2024-13054 was published Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17... Moderate Unreviewed
CVE-2025-1257 was published Mar 13, 2025
Memory Exhaustion in Expr Parser with Unrestricted Input High
CVE-2025-29786 was published for github.com/expr-lang/expr (Go) Mar 17, 2025
thevilledev
jsPDF Bypass Regular Expression Denial of Service (ReDoS) High
CVE-2025-29907 was published for jspdf (npm) Mar 18, 2025
vLLM denial of service via outlines unbounded cache on disk Moderate
CVE-2025-29770 was published for vllm (pip) Mar 19, 2025
russellb
Open WebUI Uncontrolled Resource Consumption vulnerability High
CVE-2024-12537 was published for open-webui (npm) Mar 20, 2025
Ollama Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2025-0315 was published for github.com/ollama/ollama (Go) Mar 20, 2025
Web Push Denial of Service via malicious Web Push endpoint Moderate
GHSA-fc83-9jwq-gc2m was published for web-push (Rust) Mar 24, 2025
An Allocation of Resources Without Limits or Throttling vulnerability in the operating system... High Unreviewed
CVE-2024-45484 was published Mar 25, 2025
Keycloak Denial of Service (DoS) Vulnerability via JWT Token Cache Moderate
CVE-2025-2559 was published for org.keycloak:keycloak-services (Maven) Mar 25, 2025
Directus's S3 assets become unavailable after a burst of malformed transformations Moderate
CVE-2025-30225 was published for @directus/storage-driver-s3 (npm) Mar 26, 2025
joselcvarela
Directus's S3 assets become unavailable after a burst of HEAD requests Moderate
CVE-2025-30350 was published for @directus/storage-driver-s3 (npm) Mar 26, 2025
joselcvarela
Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow High
CVE-2025-29072 was published for github.com/NethermindEth/juno (Go) Mar 27, 2025
An issue has been discovered in GitLab EE/CE affecting all versions from 12.10 before 17.8.6, 17... Moderate Unreviewed
CVE-2024-10307 was published Mar 28, 2025
Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An... Moderate Unreviewed
CVE-2024-45700 was published Apr 2, 2025
image-size Denial of Service via Infinite Loop during Image Processing High
GHSA-m5qc-5hw7-8vg7 was published for image-size (npm) Apr 2, 2025
dellalibera TheFrankemon
Django Potential Denial of Service (DoS) on Windows Moderate
CVE-2025-27556 was published for Django (pip) Apr 2, 2025
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message,... High Unreviewed
CVE-2025-32049 was published Apr 3, 2025
Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series... Moderate Unreviewed
CVE-2025-24317 was published Apr 4, 2025
Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass High
CVE-2025-32032 was published for apollo-router (Rust) Apr 7, 2025
Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion High
CVE-2025-32034 was published for apollo-router (Rust) Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database