Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

413 advisories

Loading
Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots,... Moderate Unreviewed
CVE-2025-48467 was published Jun 26, 2025
Successful exploitation of the vulnerability could allow an attacker to consume all available... Moderate Unreviewed
CVE-2025-48462 was published Jun 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18... Moderate Unreviewed
CVE-2025-3279 was published Jun 26, 2025
The Yealink YMCS RPS API before 2025-05-26 lacks rate limiting, potentially enabling information... Moderate Unreviewed
CVE-2025-52917 was published Jun 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17... Moderate Unreviewed
CVE-2025-5996 was published Jun 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 8.7 before 17.10.8, 17... Moderate Unreviewed
CVE-2025-1516 was published Jun 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-1478 was published Jun 12, 2025
Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful... Moderate Unreviewed
CVE-2024-58114 was published Jun 6, 2025
When loading a specifically crafted ICNS format image file in QImage then it will trigger a crash... Moderate Unreviewed
CVE-2025-5683 was published Jun 5, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-3050 was published May 29, 2025
An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11,... Moderate Unreviewed
CVE-2025-48738 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 17.10.7, 17... Moderate Unreviewed
CVE-2024-7803 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-2853 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-3111 was published May 22, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-29957 was published May 13, 2025
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows... Moderate Unreviewed
CVE-2025-29954 was published May 13, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to... Moderate Unreviewed
CVE-2024-8973 was published May 9, 2025
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix... Moderate Unreviewed
CVE-2025-37805 was published May 8, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-0915 was published May 5, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1... Moderate Unreviewed
CVE-2025-1000 was published May 5, 2025
A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged)... Moderate Unreviewed
CVE-2025-24341 was published Apr 30, 2025
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a... Moderate Unreviewed
CVE-2025-46687 was published Apr 27, 2025
Denial of service due to allocation of resources without limits. The following products are... Moderate Unreviewed
CVE-2025-30409 was published Apr 24, 2025
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE... Moderate Unreviewed
CVE-2025-0639 was published Apr 24, 2025
Allocation of Resources Without Limits or Throttling vulnerability in Drupal Stage File Proxy... Moderate Unreviewed
CVE-2025-3734 was published Apr 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database