Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

268 advisories

Loading
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an... High Unreviewed
CVE-2025-50420 was published Aug 4, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... High Unreviewed
CVE-2025-23325 was published Aug 6, 2025
Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1... Moderate Unreviewed
CVE-2025-20025 was published Aug 12, 2025
Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1... Moderate Unreviewed
CVE-2025-24302 was published Aug 12, 2025
LlamaIndex affected by a Denial of Service (DOS) in JSONReader High
CVE-2025-5302 was published for llama-index-core (pip) Aug 26, 2025
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
anlakii
Credited to anlakii
XGrammar affected by Denial of Service by infinite recursion grammars High
CVE-2025-57809 was published for xgrammar (pip) Aug 25, 2025
xendo
Credited to xendo
Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON Moderate
CVE-2025-53864 was published for com.nimbusds:nimbus-jose-jwt (Maven) Jul 11, 2025
phrabec vtintillier
Credited to phrabec and vtintillier
In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow... Moderate Unreviewed
CVE-2023-52761 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix... High Unreviewed
CVE-2021-47465 was published May 22, 2024
Duplicate Advisory: express-xss-sanitizer has an unbounded recursion depth Moderate
GHSA-qhwp-454g-2gv4 was published for express-xss-sanitizer (npm) Sep 15, 2025 withdrawn
cai0duque AhmedAdelFahim
Credited to cai0duque and AhmedAdelFahim
express-xss-sanitizer has an unbounded recursion depth Moderate
CVE-2025-59364 was published for express-xss-sanitizer (npm) Sep 26, 2025
Uncontrolled Recursion in Akka HTTP High
CVE-2021-42697 was published for com.typesafe.akka:aakka-http-core_2.13.0-M3 (Maven) May 24, 2022
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply... Moderate Unreviewed
CVE-2025-43718 was published Oct 1, 2025
When the module renders a Svg file that contains a <pattern> element, it might end up rendering... Critical Unreviewed
CVE-2025-10728 was published Oct 3, 2025
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an... Moderate Unreviewed
CVE-2025-33096 was published Oct 12, 2025
When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content... High Unreviewed
CVE-2025-54858 was published Oct 15, 2025
LlamaIndex Uncontrolled Resource Consumption vulnerability Moderate
CVE-2024-12910 was published for llama-index (pip) Mar 20, 2025
LlamaIndex Vulnerable to Denial of Service (DoS) High
CVE-2025-1752 was published for llama-index (pip) May 10, 2025
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to... Low Unreviewed
CVE-2025-11896 was published Oct 17, 2025
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30631 was published Aug 11, 2022
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any... Moderate Unreviewed
CVE-2023-52986 was published Mar 27, 2025
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted... Low Unreviewed
CVE-2024-57257 was published Feb 19, 2025
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a... Moderate Unreviewed
CVE-2025-9714 was published Sep 10, 2025
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows... Moderate Unreviewed
CVE-2019-6285 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database