GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,919 advisories
A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown...
Moderate | Unreviewed | CVE-2025-9670 was published Aug 29, 2025

gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm
High | CVE-2025-58157 was published for github.com/consensys/gnark (Go) Aug 29, 2025

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If...
Moderate | Unreviewed | CVE-2025-29898 was published Aug 29, 2025

In multiple locations, there is a possible crash loop due to resource exhaustion. This could lead...
Moderate | Unreviewed | CVE-2024-49740 was published Aug 27, 2025

GraphQL Armor Max-Depth Plugin Bypass via fragment caching
Moderate | GHSA-224p-v68g-5g8f was published for @escape.tech/graphql-armor-max-depth (npm) Aug 26, 2025

GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation
Moderate | GHSA-hmfr-rx46-4jx2 was published for @escape.tech/graphql-armor-max-depth (npm) Aug 26, 2025

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was...
High | Unreviewed | CVE-2025-55631 was published Aug 22, 2025

Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video...
High | Unreviewed | CVE-2025-55634 was published Aug 22, 2025

Bouncy Castle for Java has Uncontrolled Resource Consumption Vulnerability
Moderate | CVE-2025-9341 was published for org.bouncycastle:bc-fips (Maven) Aug 22, 2025

Denial-of-Service attack in pyLoad CNL Blueprint using dukpy.evaljs
High | CVE-2025-57751 was published for pyload-ng (pip) Aug 21, 2025

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function...
Moderate | Unreviewed | CVE-2025-9308 was published Aug 21, 2025

An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated...
Moderate | Unreviewed | CVE-2025-55521 was published Aug 21, 2025

vllm API endpoints vulnerable to Denial of Service Attacks
High | CVE-2025-48956 was published for vllm (pip) Aug 21, 2025

Eclipse Jetty affected by MadeYouReset HTTP/2 vulnerability
High | CVE-2025-5115 was published for org.eclipse.jetty.http2:http2-common (Maven) Aug 20, 2025

CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of...
Moderate | Unreviewed | CVE-2025-8449 was published Aug 20, 2025

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in...
High | Unreviewed | CVE-2025-55029 was published Aug 19, 2025

'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability...
High | Unreviewed | CVE-2025-9182 was published Aug 19, 2025

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in...
Moderate | Unreviewed | CVE-2025-55028 was published Aug 19, 2025

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip...
High | Unreviewed | CVE-2025-55588 was published Aug 18, 2025

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname...
High | Unreviewed | CVE-2025-55587 was published Aug 18, 2025

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url...
High | Unreviewed | CVE-2025-55586 was published Aug 18, 2025

Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability
Low | CVE-2025-9092 was published for org.bouncycastle:bc-fips (Maven) Aug 16, 2025

PyPDF's Manipulated FlateDecode streams can exhaust RAM
Moderate | CVE-2025-55197 was published for pypdf (pip) Aug 13, 2025

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the...
High | Unreviewed | CVE-2025-50615 was published Aug 13, 2025

Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized...
High | Unreviewed | CVE-2025-53722 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API.