Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

1,615 advisories

Loading
Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service (DoS)... High Unreviewed
CVE-2025-65518 was published Jan 8, 2026
The massive sending of ICMP requests causes a denial of service on one of the boards from the... High Unreviewed
CVE-2026-22541 was published Jan 7, 2026
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2025-43706 was published Jan 5, 2026
When multiple devices share resources and one of them is to be passed through to a guest,... High Unreviewed
CVE-2024-31146 was published Sep 25, 2024
Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved... High Unreviewed
CVE-2024-31145 was published Sep 25, 2024
flagd: Multiple Go Runtime CVEs Impact Security and Availability High
GHSA-4c5f-9mj4-m247 was published for github.com/open-feature/flagd/core (Go) Jan 5, 2026
pramod-ahire
Credited to pramod-ahire
MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation High
CVE-2026-21452 was published for org.msgpack:msgpack-core (Maven) Jan 5, 2026
HyperPS
Credited to HyperPS
Signal K Server Vulnerable to Denial of Service via Unrestricted Access Request Flooding High
CVE-2025-68272 was published for signalk-server (npm) Jan 2, 2026
An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows... High Unreviewed
CVE-2025-66863 was published Dec 29, 2025
libxmljs has segmentation fault, potentially leading to a denial-of-service (DoS) High
CVE-2025-25341 was published for libxmljs (npm) Dec 26, 2025
Keycloak TLS Client-Initiated Renegotiation Denial of Service High
CVE-2025-11419 was published for org.keycloak:keycloak-quarkus-dist (Maven) Oct 27, 2025
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS... High Unreviewed
CVE-2025-43462 was published Nov 4, 2025
The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS... High Unreviewed
CVE-2025-43424 was published Nov 4, 2025
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... High Unreviewed
CVE-2025-43385 was published Nov 4, 2025
Apache CXF: Denial of Service vulnerability with temporary files High
CVE-2025-23184 was published for org.apache.cxf:cxf-core (Maven) Jan 21, 2025
On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can... High Unreviewed
CVE-2025-8872 was published Dec 16, 2025
Better Auth's rou3 Dependency has Double-Slash Path Normalization which can Bypass disabledPaths Config and Rate Limits High
GHSA-x732-6j76-qmhm was published for better-auth (npm) Dec 16, 2025
goksan
Credited to goksan
SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication... High Unreviewed
CVE-2023-53873 was published Dec 15, 2025
Vite Plugin React has a Denial of Service Vulnerability in React Server Components High
GHSA-cpqf-f22c-r95x was published for @vitejs/plugin-rsc (npm) Dec 12, 2025
Denial of Service Vulnerability in React Server Components High
CVE-2025-67779 was published for react-server-dom-parcel (npm) Dec 12, 2025
minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash... High Unreviewed
CVE-2024-58306 was published Dec 12, 2025
Next Vulnerable to Denial of Service with Server Components High
GHSA-mwv6-3258-q52c was published for next (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
Denial of Service Vulnerability in React Server Components High
CVE-2025-55184 was published for react-server-dom-parcel (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before... High Unreviewed
CVE-2025-65803 was published Dec 10, 2025
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file... High Unreviewed
CVE-2023-52355 was published Jan 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database