GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
476 advisories
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it...
Severity: High (Unreviewed). CVE-2026-2261 was published Mar 9, 2026.

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall...
Severity: High (Unreviewed). CVE-2026-20082 was published Mar 4, 2026.

Multer vulnerable to Denial of Service via resource exhaustion
Severity: High. CVE-2026-2359 was published for multer (npm) Mar 1, 2026.

Hibernate Reactive Vulnerable to DoS via Connection Pool Exhaustion
Severity: Moderate. CVE-2025-14969 was published for org.hibernate.reactive:hibernate-reactive-core (Maven) Jan 26, 2026.

NiceGUI has Redis connection leak via tab storage causes service degradation
Severity: Moderate. CVE-2026-21874 was published for nicegui (pip) Jan 8, 2026.

thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS
Severity: High. CVE-2025-65947 was published for thread-amount (Rust) Nov 21, 2025.

Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an...
Severity: Low (Unreviewed). CVE-2025-64734 was published Nov 18, 2025.

A health check port on Zscaler Client Connector on Windows, versions 4.6 < 4.6.0.216 and 4.7 < 4...
Severity: Moderate (Unreviewed). CVE-2025-54983 was published Nov 12, 2025.

IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by...
Severity: High (Unreviewed). CVE-2025-36128 was published Oct 16, 2025.

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: clean...
Severity: Moderate (Unreviewed). CVE-2023-53199 was published Sep 15, 2025.

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace...
Severity: Moderate (Unreviewed). CVE-2023-53152 was published Sep 15, 2025.

A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5...
Severity: High (Unreviewed). CVE-2025-30256 was published Aug 20, 2025.

A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends...
Severity: Moderate (Unreviewed). CVE-2023-32255 was published Aug 3, 2025.

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1...
Severity: Moderate (Unreviewed). CVE-2025-36071 was published Jul 29, 2025.

Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader...
Severity: Moderate (Unreviewed). CVE-2025-44003 was published Jul 10, 2025.

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix...
Severity: High (Unreviewed). CVE-2022-50189 was published Jun 18, 2025.

Hackney fails to properly release HTTP connections to the pool
Severity: Low. CVE-2025-3864 was published for hackney (Erlang) May 28, 2025.

Pleezer resource exhaustion through uncollected hook script processes
Severity: Moderate. CVE-2025-32439 was published for pleezer (Rust) Apr 14, 2025.

Goroutine Leak in Abacus SSE Implementation
Severity: High. CVE-2025-27421 was published for github.com/jasonlovesdoggo/abacus (Go) Mar 3, 2025.

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint...
Severity: High (Unreviewed). CVE-2025-22891 was published Feb 5, 2025.

This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS...
Severity: High (Unreviewed). CVE-2025-24120 was published Jan 28, 2025.

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't...
Severity: Moderate (Unreviewed). CVE-2024-53074 was published Nov 19, 2024.

aiohttp has a memory leak when middleware is enabled when requesting a resource with a non-allowed method
Severity: Moderate. CVE-2024-52303 was published for aiohttp (pip) Nov 18, 2024.

An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the...
Severity: High (Unreviewed). CVE-2024-10396 was published Nov 14, 2024.

Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion
Severity: High. CVE-2024-49769 was published for waitress (pip) Oct 29, 2024.