GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,051 advisories
Memory Exhaustion in Expr Parser with Unrestricted Input
High
CVE-2025-29786 was published for github.com/expr-lang/expr (Go) on Mar 17, 2025
In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE()...
Moderate
Unreviewed
CVE-2024-26707 was published on Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K ...
Moderate
Unreviewed
CVE-2024-26675 was published on Apr 2, 2024
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN...
Moderate
Unreviewed
CVE-2024-26710 was published on Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix...
Moderate
Unreviewed
CVE-2024-26743 was published on Apr 3, 2024
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology...
Moderate
Unreviewed
CVE-2024-57672 was published on Feb 6, 2025
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from...
Moderate
Unreviewed
CVE-2024-26741 was published on Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add...
Moderate
Unreviewed
CVE-2024-26646 was published on Mar 26, 2024
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing...
Moderate
Unreviewed
CVE-2023-52622 was published on Mar 26, 2024
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about...
Moderate
Unreviewed
CVE-2021-47170 was published on Mar 25, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html
High
CVE-2024-45338 was published for golang.org/x/net/html (Go) on Dec 18, 2024
lunasvg v3.0.0 was discovered to contain an allocation-size-too-big bug via the component...
High
Unreviewed
CVE-2024-57722 was published on Jan 23, 2025
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses
High
CVE-2025-25293 was published for ruby-saml (RubyGems) on Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix...
Moderate
Unreviewed
CVE-2025-21866 was published on Mar 12, 2025
An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows...
High
Unreviewed
CVE-2024-50955 was published on Nov 14, 2024
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
High
Unreviewed
CVE-2025-21545 was published on Jan 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2025-21549 was published on Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double accounting...
Moderate
Unreviewed
CVE-2024-58089 was published on Mar 12, 2025
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a...
High
Unreviewed
CVE-2024-56940 was published on Feb 13, 2025
An issue was discovered in Atos Eviden BullSequana XH2140 BMC before C4EM-125: OMF_C4E 101.05...
High
Unreviewed
CVE-2024-46933 was published on Feb 20, 2025
An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8...
Moderate
Unreviewed
CVE-2024-13054 was published on Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17...
Moderate
Unreviewed
CVE-2025-1257 was published on Mar 13, 2025
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software...
High
Unreviewed
CVE-2025-20209 was published on Mar 12, 2025
A vulnerability in the handling of specific packets that are punted from a line card to a route...
High
Unreviewed
CVE-2025-20141 was published on Mar 12, 2025
Crash due to uncontrolled recursion in protobuf crate
Moderate
GHSA-2gh3-rmm4-6rq5 was published for protobuf (Rust) on Mar 7, 2025