Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

79 advisories

Loading
Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all... High Unreviewed
CVE-2025-59789 was published Dec 1, 2025
When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content... High Unreviewed
CVE-2025-54858 was published Oct 15, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... High Unreviewed
CVE-2025-23325 was published Aug 6, 2025
An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2025-46206 was published Aug 4, 2025
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an... High Unreviewed
CVE-2025-50420 was published Aug 4, 2025
MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where... High Unreviewed
CVE-2025-6710 was published Jun 26, 2025
In ims service, there is a possible system crash due to incorrect error handling. This could lead... High Unreviewed
CVE-2025-20678 was published Jun 2, 2025
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a... High Unreviewed
CVE-2025-30193 was published May 20, 2025
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive... High Unreviewed
CVE-2024-8176 was published Mar 14, 2025
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows... High Unreviewed
CVE-2025-1492 was published Feb 20, 2025
In Faust 2.23.1, an input file with the lines "// r visualisation tCst" and "//process = +: L:... High Unreviewed
CVE-2021-41737 was published Nov 11, 2024
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic... High Unreviewed
CVE-2024-34158 was published Sep 6, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37973 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix... High Unreviewed
CVE-2021-47465 was published May 22, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c. High Unreviewed
CVE-2024-32609 was published May 14, 2024
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and... High Unreviewed
CVE-2024-20311 was published Mar 27, 2024
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of... High Unreviewed
CVE-2024-0208 was published Jan 3, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0210 was published Jan 3, 2024
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU... High Unreviewed
CVE-2022-47374 was published Dec 12, 2023
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or... High Unreviewed
CVE-2023-4512 was published Aug 24, 2023
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause... High Unreviewed
CVE-2020-23804 was published Aug 22, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,... High Unreviewed
CVE-2023-2990 was published Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of... High Unreviewed
CVE-2023-31893 was published Jun 5, 2023
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO... High Unreviewed
CVE-2023-24472 was published Mar 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database