Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,072 advisories

Loading
Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up High
GHSA-5j59-xgg2-r9c4 was published for next (npm) Dec 12, 2025
Vite Plugin React has a Denial of Service Vulnerability in React Server Components High
GHSA-cpqf-f22c-r95x was published for @vitejs/plugin-rsc (npm) Dec 12, 2025
Denial of Service Vulnerability in React Server Components High
CVE-2025-67779 was published for react-server-dom-parcel (npm) Dec 12, 2025
minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash... High Unreviewed
CVE-2024-58306 was published Dec 12, 2025
Next Vulnerable to Denial of Service with Server Components High
GHSA-mwv6-3258-q52c was published for next (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
Denial of Service Vulnerability in React Server Components High
CVE-2025-55184 was published for react-server-dom-parcel (npm) Dec 11, 2025
Ry0taK
Credited to Ry0taK
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before... High Unreviewed
CVE-2025-65803 was published Dec 10, 2025
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service... High Unreviewed
CVE-2025-48631 was published Dec 8, 2025
In multiple locations, there is a possible permanent denial of service due to resource exhaustion... Moderate Unreviewed
CVE-2025-48569 was published Dec 8, 2025
In updateNotificationChannelGroupFromPrivilegedListener of NotificationManagerService.java, there... Moderate Unreviewed
CVE-2025-48576 was published Dec 8, 2025
In multiple functions of NotificationManagerService.java, there is a possible way to bypass the... Moderate Unreviewed
CVE-2025-48584 was published Dec 8, 2025
In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to... Moderate Unreviewed
CVE-2025-48590 was published Dec 8, 2025
In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due... Moderate Unreviewed
CVE-2025-48603 was published Dec 8, 2025
In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence... High Unreviewed
CVE-2025-48615 was published Dec 8, 2025
Logrus is vulnerable to DoS when using Entry.Writer() High
CVE-2025-65637 was published for github.com/sirupsen/logrus (Go) Dec 4, 2025
Rhino has high CPU usage and potential DoS when passing specific numbers to `toFixed()` function Low
CVE-2025-66453 was published for org.mozilla:rhino (Maven) Dec 3, 2025
TechPizzaDev
Credited to TechPizzaDev
Grav is vulnerable to a DOS on the admin panel Moderate
CVE-2025-66303 was published for getgrav/grav (Composer) Dec 2, 2025
alix41dsec
Credited to alix41dsec
When reading an HTTP response from a server, if no read amount is specified, the default behavior... Moderate Unreviewed
CVE-2025-13836 was published Dec 1, 2025
BACnet Test Server versions up to and including 1.01 contains a remote denial of service... High Unreviewed
CVE-2020-36872 was published Nov 27, 2025
An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an... High Unreviewed
CVE-2025-51741 was published Nov 25, 2025
body-parser is vulnerable to denial of service when url encoding is used Moderate
CVE-2025-13466 was published for body-parser (npm) Nov 25, 2025
Phillip9587 bjohansebas
UlisesGascon ctcpip sheplu jonchurch
Credited to Phillip9587, bjohansebas, UlisesGascon, ctcpip, sheplu, and jonchurch
pypdf's LZWDecode streams be manipulated to exhaust RAM Moderate
CVE-2025-66019 was published for pypdf (pip) Nov 24, 2025
aydinnyunus stefan6419846
Credited to aydinnyunus and stefan6419846
NSSF panic due to nil pointer dereference when expiry field is omitted in NSSAIAvailability POST High
CVE-2025-60638 was published for github.com/free5gc/nssf (Go) Nov 24, 2025
thread-amount Vulnerable to Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS High
CVE-2025-65947 was published for thread-amount (Rust) Nov 21, 2025
jzeuzs
Credited to jzeuzs
HackerOne community member Dao Hoang Anh (yoyomiski) has reported an uncontrolled resource... Moderate Unreviewed
CVE-2025-55128 was published Nov 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database