GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
516 advisories
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of...
Moderate
Unreviewed
CVE-2025-13946
was published
Dec 3, 2025
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p...
High
Unreviewed
CVE-2025-66252
was published
Nov 26, 2025
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects...
Moderate
Unreviewed
CVE-2025-41074
was published
Nov 20, 2025
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optin that causes infinite HTTP redirects...
Moderate
Unreviewed
CVE-2025-41075
was published
Nov 20, 2025
eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow...
Moderate
Unreviewed
CVE-2025-63829
was published
Nov 18, 2025
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of...
Moderate
Unreviewed
CVE-2025-11626
was published
Oct 11, 2025
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE...
High
Unreviewed
CVE-2025-20312
was published
Sep 24, 2025
In the Linux kernel, the following vulnerability has been resolved:
NFS: Avoid writeback threads...
Moderate
Unreviewed
CVE-2022-49097
was published
Sep 23, 2025
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming...
Low
Unreviewed
CVE-2025-30187
was published
Sep 18, 2025
In the Linux kernel, the following vulnerability has been resolved:
exfat: add cluster chain...
Moderate
Unreviewed
CVE-2025-38692
was published
Sep 5, 2025
In the Linux kernel, the following vulnerability has been resolved:
arm64: dts: qcom: qcs615:...
Moderate
Unreviewed
CVE-2025-38649
was published
Aug 22, 2025
A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA...
High
Unreviewed
CVE-2025-20253
was published
Aug 14, 2025
An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12...
High
Unreviewed
CVE-2025-51986
was published
Aug 14, 2025
A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS...
High
Unreviewed
CVE-2025-20136
was published
Aug 14, 2025
A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and...
High
Unreviewed
CVE-2025-20243
was published
Aug 14, 2025
A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco...
High
Unreviewed
CVE-2025-20217
was published
Aug 14, 2025
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from...
Moderate
Unreviewed
CVE-2023-2593
was published
Jul 30, 2025
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry...
High
Unreviewed
CVE-2025-8194
was published
Jul 28, 2025
SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high...
Low
Unreviewed
CVE-2025-42954
was published
Jul 8, 2025
A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and...
Moderate
Unreviewed
CVE-2025-6365
was published
Jun 20, 2025
In the Linux kernel, the following vulnerability has been resolved:
kprobes: don't call...
Moderate
Unreviewed
CVE-2022-50008
was published
Jun 18, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17...
High
Unreviewed
CVE-2025-0673
was published
Jun 12, 2025
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted...
High
Unreviewed
CVE-2025-5399
was published
Jun 7, 2025
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
High
Unreviewed
CVE-2024-22654
was published
May 29, 2025
In the Linux kernel, the following vulnerability has been resolved:
HID: pidff: Make sure to...
Moderate
Unreviewed
CVE-2025-37942
was published
May 20, 2025