Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,268 advisories

Loading
A vulnerability has been identified where a maliciously crafted message containing a specific... High Unreviewed
CVE-2023-28356 was published May 12, 2023
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access... High Unreviewed
CVE-2023-21110 was published May 16, 2023
Uncontrolled Resource Consumption in moodle High
CVE-2024-25978 was published for moodle/moodle (Composer) Feb 19, 2024
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially... High Unreviewed
CVE-2019-9517 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a... High Unreviewed
CVE-2019-9518 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of... High Unreviewed
CVE-2019-9513 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial... High Unreviewed
CVE-2019-9515 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization... High Unreviewed
CVE-2019-9511 was published May 24, 2022
Windows upnphost.dll Denial of Service Vulnerability High Unreviewed
CVE-2025-21389 was published Jan 14, 2025
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2025-21330 was published Jan 14, 2025
Windows upnphost.dll Denial of Service Vulnerability High Unreviewed
CVE-2025-21300 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21251 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21289 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21290 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21270 was published Jan 14, 2025
Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability High Unreviewed
CVE-2025-21207 was published Jan 14, 2025
Windows Kerberos Denial of Service Vulnerability High Unreviewed
CVE-2025-21218 was published Jan 14, 2025
IP Helper Denial of Service Vulnerability High Unreviewed
CVE-2025-21231 was published Jan 14, 2025
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability High Unreviewed
CVE-2024-49129 was published Dec 12, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-4148 was published Jun 1, 2024
htmlcleaner vulnerable to stack exhaustion High
CVE-2023-34624 was published for net.sourceforge.htmlcleaner:htmlcleaner (Maven) Jun 14, 2023
onmyquest
jsonij vulnerable to stack exhaustion High
CVE-2023-34614 was published for cc.plural:jsonij (Maven) Jun 14, 2023
sojo vulnerable to stack exhaustion High
CVE-2023-34613 was published for net.sf.sojo:sojo (Maven) Jun 14, 2023
ph-json vulnerable to stack exhaustion High
CVE-2023-34612 was published for com.helger.commons:ph-json (Maven) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database