Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
alloy-dyn-abi has DoS vulnerability on `alloy_dyn_abi::TypedData` hashing High
CVE-2025-62370 was published for alloy-dyn-abi (Rust) Oct 15, 2025
emostov cr-tk
Credited to emostov and cr-tk
A denial-of-service security issue in the affected product. The security issue stems from a fault... High Unreviewed
CVE-2025-9124 was published Oct 14, 2025
Argo CD Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook High
CVE-2025-59538 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 30, 2025
jake-ciolek crenshaw-dev
blakepettersson
Credited to jake-ciolek, crenshaw-dev, and blakepettersson
A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is... High Unreviewed
CVE-2025-55557 was published Sep 25, 2025
A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a... High Unreviewed
CVE-2025-55553 was published Sep 25, 2025
A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A... High Unreviewed
CVE-2013-10065 was published Aug 5, 2025
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service High
CVE-2025-47281 was published for github.com/kyverno/kyverno (Go) Jul 22, 2025
thevilledev
Credited to thevilledev
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service High
CVE-2025-54134 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
asareynolds
Credited to asareynolds
Multer vulnerable to Denial of Service via unhandled exception from malformed request High
CVE-2025-7338 was published for multer (npm) Jul 17, 2025
ctcpip UlisesGascon
LinusU
Credited to ctcpip, UlisesGascon, and LinusU
MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS High
CVE-2025-53366 was published for mcp (pip) Jul 4, 2025
rharang
Credited to rharang
MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service High
CVE-2025-53365 was published for mcp (pip) Jul 4, 2025
rharang
Credited to rharang
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could... High Unreviewed
CVE-2025-36539 was published Jun 12, 2025
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could... High Unreviewed
CVE-2025-44019 was published Jun 12, 2025
Multer vulnerable to Denial of Service via unhandled exception High
CVE-2025-48997 was published for multer (npm) Jun 5, 2025
bjohansebas ctcpip
Markiz9999 UlisesGascon wesleytodd LinusU
Credited to bjohansebas, ctcpip, Markiz9999, UlisesGascon, wesleytodd, and LinusU
quic-go Has Panic in Path Probe Loss Recovery Handling High
CVE-2025-29785 was published for github.com/quic-go/quic-go (Go) Jun 3, 2025
Multer vulnerable to Denial of Service from maliciously crafted requests High
CVE-2025-47944 was published for multer (npm) May 19, 2025
max-mathieu wesleytodd
ctcpip UlisesGascon marco-ippolito jonchurch
Credited to max-mathieu, wesleytodd, ctcpip, UlisesGascon, marco-ippolito, and jonchurch
The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user... High Unreviewed
CVE-2025-23166 was published May 19, 2025
tRPC 11 WebSocket DoS Vulnerability High
CVE-2025-43855 was published for @trpc/server (npm) Apr 24, 2025
lukechilds
Credited to lukechilds
SurrealDB has uncaught exception in Net module that leads to database crash High
GHSA-rq86-9m6r-cm3g was published for surrealdb (Rust) Apr 10, 2025
castilho101
Credited to castilho101
In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This... High Unreviewed
CVE-2025-20663 was published Apr 7, 2025
In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This... High Unreviewed
CVE-2025-20664 was published Apr 7, 2025
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact:... High Unreviewed
CVE-2024-58112 was published Apr 7, 2025
Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact:... High Unreviewed
CVE-2024-58111 was published Apr 7, 2025
Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command... High Unreviewed
CVE-2025-3083 was published Apr 1, 2025
mintplex-labs/anything-llm version git 6dc3642 contains an unauthenticated Denial of Service (DoS... High Unreviewed
CVE-2024-8249 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database