Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,300
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,778 advisories

Loading
This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS... High Unreviewed
CVE-2022-32790 was published Sep 25, 2022
An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows... High Unreviewed
CVE-2023-41151 was published Dec 14, 2023
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections,... High Unreviewed
CVE-2025-5024 was published May 22, 2025
Ackites KillWxapkg Zip Bomb Resource Exhaustion Low
CVE-2025-5031 was published for github.com/Ackites/KillWxapkg (Go) May 21, 2025
On Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task can... High Unreviewed
CVE-2022-34326 was published Sep 28, 2022
An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo... Moderate Unreviewed
CVE-2022-41842 was published Oct 1, 2022
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in... Moderate Unreviewed
CVE-2022-41844 was published Oct 1, 2022
css-what vulnerable to ReDoS due to use of insecure regular expression High
CVE-2022-21222 was published for css-what (npm) Oct 1, 2022
Linkerd resource exhaustion vulnerability Moderate
CVE-2025-43915 was published for github.com/linkerd/linkerd2 (Go) May 5, 2025
ericd
org.ini4j allows attackers to cause a Denial of Service (DoS) High
CVE-2022-41404 was published for org.ini4j:ini4j (Maven) Oct 12, 2022
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest... Moderate Unreviewed
CVE-2025-41226 was published May 20, 2025
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain... Moderate Unreviewed
CVE-2025-41227 was published May 20, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-29957 was published May 13, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows... Moderate Unreviewed
CVE-2025-29954 was published May 13, 2025
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized... High Unreviewed
CVE-2025-26677 was published May 13, 2025
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs... High Unreviewed
CVE-2023-49550 was published Jan 3, 2024
Meteor Affected By Inefficient Regular Expression Complexity Moderate
CVE-2025-4727 was published for meteor (npm) May 16, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource... High Unreviewed
CVE-2025-26481 was published May 15, 2025
Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption... Moderate Unreviewed
CVE-2025-30476 was published May 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20977 was published Jan 17, 2024
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2025-26783 was published May 14, 2025
In cell service, there is a missing permission check. This could lead to local denial of service... Moderate Unreviewed
CVE-2022-38677 was published Oct 15, 2022
In messaging service, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-38687 was published Oct 15, 2022
In music service, there is a missing permission check. This could lead to local denial of service... Moderate Unreviewed
CVE-2022-38679 was published Oct 15, 2022
Missing connection timeout in Aardvark-dns High
CVE-2024-8418 was published for aardvark-dns (Rust) Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database