GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
77 advisories
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport...
High | Unreviewed | CVE-2023-0881 was published Mar 31, 2025

A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter...
Moderate | Unreviewed | CVE-2025-4690 was published Aug 19, 2025

IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of...
High | Unreviewed | CVE-2025-33090 was published Aug 18, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1...
Moderate | Unreviewed | CVE-2025-2937 was published Aug 13, 2025

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of...
High | Unreviewed | CVE-2024-6038 was published Jun 27, 2024

A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects...
Moderate | Unreviewed | CVE-2025-5895 was published Jun 9, 2025

A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1....
Moderate | Unreviewed | CVE-2025-5892 was published Jun 9, 2025

The html.parser.HTMLParser class had worst-case quadratic complexity when processing certain...
Moderate | Unreviewed | CVE-2025-6069 was published Jun 17, 2025

Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a...
Moderate | Unreviewed | CVE-2025-43880 was published Jun 25, 2025

A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate | Unreviewed | CVE-2024-4025 was published Jun 20, 2025

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as...
Low | Unreviewed | CVE-2025-4215 was published May 2, 2025

The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker...
High | Unreviewed | CVE-2024-13926 was published Apr 19, 2025

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin...
Moderate | Unreviewed | CVE-2024-13896 was published Apr 10, 2025

A potential DoS vulnerability was discovered in GitLab CE/EE versions starting from 10.7 before...
Moderate | Unreviewed | CVE-2022-2908 was published Oct 17, 2022

A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version...
High | Unreviewed | CVE-2024-8998 was published Mar 20, 2025

IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular...
Moderate | Unreviewed | CVE-2024-54170 was published Feb 27, 2025

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard...
High | Unreviewed | CVE-2024-7592 was published Aug 19, 2024

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed...
High | Unreviewed | CVE-2024-6232 was published Sep 3, 2024

In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as...
Moderate | Unreviewed | CVE-2025-0367 was published Jan 30, 2025

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High | Unreviewed | CVE-2024-4148 was published Jun 1, 2024

An issue in alanclarke URLite v.3.1.0 allows an attacker to cause a denial of service (DoS) via a...
High | Unreviewed | CVE-2023-51931 was published Feb 16, 2024

An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows...
High | Unreviewed | CVE-2024-46242 was published Jan 7, 2025

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote...
High | Unreviewed | CVE-2024-41766 was published Jan 4, 2025

In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp...
Moderate | Unreviewed | CVE-2024-54157 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header...
Moderate | Unreviewed | CVE-2024-50574 was published Oct 28, 2024

ProTip! Advisories are also available from the GraphQL API