Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,342 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject... Moderate Unreviewed
CVE-2024-46745 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in... Moderate Unreviewed
CVE-2024-43856 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use ... Moderate Unreviewed
CVE-2024-42258 was published Aug 12, 2024
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid... Moderate Unreviewed
CVE-2024-42247 was published Aug 7, 2024
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit... Moderate Unreviewed
CVE-2024-42145 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning... Moderate Unreviewed
CVE-2024-41009 was published Jul 17, 2024
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer... Moderate Unreviewed
CVE-2024-39472 was published Jul 5, 2024
In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip... Moderate Unreviewed
CVE-2024-39484 was published Jul 5, 2024
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with... Moderate Unreviewed
CVE-2021-3669 was published Aug 27, 2022
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers High
CVE-2025-48976 was published for commons-fileupload:commons-fileupload (Maven) Jun 16, 2025
ryanmurf
Credited to ryanmurf
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks Moderate
CVE-2024-8184 was published for org.eclipse.jetty:jetty-server (Maven) Oct 14, 2024
HRsGIT levpachmanov
Credited to HRsGIT and levpachmanov
Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks Low
CVE-2024-6762 was published for org.eclipse.jetty:jetty-servlets (Maven) Oct 14, 2024
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
Credited to naitoh
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
angular vulnerable to regular expression denial of service (ReDoS) Moderate
CVE-2022-25844 was published for angular (npm) May 3, 2022
Ruby SAML DOS vulnerability with large SAML response Moderate
CVE-2025-54572 was published for ruby-saml (RubyGems) Jul 30, 2025
Yuuki77 dblessing
Credited to Yuuki77 and dblessing
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix... Moderate Unreviewed
CVE-2025-37805 was published May 8, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-1000 was published May 5, 2025
Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An... Moderate Unreviewed
CVE-2024-45700 was published Apr 2, 2025
IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of... Moderate Unreviewed
CVE-2025-36047 was published Aug 14, 2025
An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control... Moderate Unreviewed
CVE-2025-54500 was published Aug 13, 2025
Apache Tomcat - DoS in multipart upload High
CVE-2025-48988 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-0915 was published May 5, 2025
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit... Moderate Unreviewed
CVE-2025-21690 was published Feb 10, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-30688 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database