GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
1,019 advisories
Filter by severity
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1...
Moderate
Unreviewed
CVE-2023-51339
was published
Feb 20, 2025
Namada-apps allows Excessive Computation in Mempool Validation
Critical
GHSA-f8qm-hmm3-fv7f
was published
for
namada-apps
(Rust)
Feb 20, 2025
Namada-apps can Crash with Excessive Computation in Mempool Validation
Critical
GHSA-82vg-5v4f-f9wq
was published
for
namada-apps
(Rust)
Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0...
Moderate
Unreviewed
CVE-2023-51334
was published
Feb 20, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Car Park Booking System v3...
Moderate
Unreviewed
CVE-2023-51309
was published
Feb 20, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Car Park...
Moderate
Unreviewed
CVE-2023-51310
was published
Feb 20, 2025
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0...
Moderate
Unreviewed
CVE-2023-51297
was published
Feb 19, 2025
Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a...
Moderate
Unreviewed
CVE-2024-49589
was published
Feb 18, 2025
Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections.
High
Unreviewed
CVE-2025-26819
was published
Feb 15, 2025
Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB....
High
Unreviewed
CVE-2023-34397
was published
Feb 14, 2025
CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could...
High
Unreviewed
CVE-2025-1059
was published
Feb 13, 2025
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a...
High
Unreviewed
CVE-2024-56940
was published
Feb 13, 2025
A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6...
Moderate
Unreviewed
CVE-2024-12379
was published
Feb 12, 2025
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS...
Moderate
Unreviewed
CVE-2024-54658
was published
Feb 10, 2025
In the Linux kernel, the following vulnerability has been resolved:
scsi: storvsc: Ratelimit...
Moderate
Unreviewed
CVE-2025-21690
was published
Feb 10, 2025
Possible DoS by memory exhaustion in net-imap
Moderate
CVE-2025-25186
was published
for
net-imap
(RubyGems)
Feb 10, 2025
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2025-1072
was published
Feb 7, 2025
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology...
Moderate
Unreviewed
CVE-2024-57672
was published
Feb 6, 2025
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology...
Moderate
Unreviewed
CVE-2024-57673
was published
Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an...
Moderate
Unreviewed
CVE-2024-38316
was published
Feb 6, 2025
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is...
High
Unreviewed
CVE-2025-24312
was published
Feb 5, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to...
High
Unreviewed
CVE-2024-2878
was published
Feb 5, 2025
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15...
Moderate
Unreviewed
CVE-2023-6386
was published
Feb 5, 2025
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it...
High
Unreviewed
CVE-2024-12705
was published
Jan 30, 2025
Withdrawn Advisory: github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read
Moderate
GHSA-29qp-crvh-w22m
was published
for
github.com/hashicorp/yamux
(Go)
Jan 29, 2025
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API