Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,489
Maven
5,000+
npm
5,000+
NuGet
892
pip
4,745
Pub
13
RubyGems
1,033
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

179 advisories

Loading
Multer vulnerable to Denial of Service via unhandled exception High
CVE-2025-48997 was published for multer (npm) Jun 5, 2025
bjohansebas Credited to bjohansebas, ctcpip, Markiz9999, UlisesGascon, wesleytodd, and LinusU ctcpip ctcpip
Markiz9999 Markiz9999 UlisesGascon UlisesGascon wesleytodd wesleytodd LinusU LinusU
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-48907 was published Jun 6, 2025
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could... High Unreviewed
CVE-2025-36539 was published Jun 12, 2025
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could... High Unreviewed
CVE-2025-44019 was published Jun 12, 2025
MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service High
CVE-2025-53365 was published for mcp (pip) Jul 4, 2025
rharang Credited to rharang
MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS High
CVE-2025-53366 was published for mcp (pip) Jul 4, 2025
rharang Credited to rharang
Qwik's unhandled exception vulnerabilty can cause server crashes from malicious requests Critical
CVE-2025-53620 was published for @builder.io/qwik-city (npm) Jul 9, 2025
finalgamer Credited to finalgamer
Multer vulnerable to Denial of Service via unhandled exception from malformed request High
CVE-2025-7338 was published for multer (npm) Jul 17, 2025
ctcpip Credited to ctcpip, UlisesGascon, and LinusU UlisesGascon UlisesGascon
LinusU LinusU
HAX CMS NodeJS Application Has Improper Error Handling That Leads to Denial of Service High
CVE-2025-54134 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
asareynolds Credited to asareynolds
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service High
CVE-2025-47281 was published for github.com/kyverno/kyverno (Go) Jul 22, 2025
thevilledev Credited to thevilledev
A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A... High Unreviewed
CVE-2013-10065 was published Aug 5, 2025
Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is... Moderate Unreviewed
CVE-2025-54777 was published Aug 29, 2025
TYPO3 Bookmark Toolbar vulnerable to denial of service Moderate
CVE-2025-59014 was published for typo3/cms-backend (Composer) Sep 9, 2025
CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An... Moderate Unreviewed
CVE-2025-35436 was published Sep 17, 2025
A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a... High Unreviewed
CVE-2025-55553 was published Sep 25, 2025
A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is... High Unreviewed
CVE-2025-55557 was published Sep 25, 2025
Argo CD Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook High
CVE-2025-59538 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 30, 2025
jake-ciolek Credited to jake-ciolek, crenshaw-dev, and blakepettersson crenshaw-dev crenshaw-dev
blakepettersson blakepettersson
A denial-of-service security issue in the affected product. The security issue stems from a fault... High Unreviewed
CVE-2025-9124 was published Oct 14, 2025
Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally. Moderate Unreviewed
CVE-2025-59229 was published Oct 14, 2025
alloy-dyn-abi has DoS vulnerability on `alloy_dyn_abi::TypedData` hashing High
CVE-2025-62370 was published for alloy-dyn-abi (Rust) Oct 15, 2025
emostov Credited to emostov and cr-tk cr-tk cr-tk
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged... Moderate Unreviewed
CVE-2025-48430 was published Oct 23, 2025
An attacker who tampers with the C++ CLI client may crash the UpdateService during file transfers... Moderate Unreviewed
CVE-2025-59462 was published Oct 27, 2025
Protocol manipulation might lead to denial of service.This issue affects BLU-IC2: through 1.19.5;... Critical Unreviewed
CVE-2025-12423 was published Oct 28, 2025
On affected platforms running Arista EOS, certain serial console input might result in an... Moderate Unreviewed
CVE-2025-8870 was published Nov 14, 2025
Grav vulnerable to Denial of Service via Improper Input Handling in 'Supported' Parameter High
CVE-2025-66305 was published for getgrav/grav (Composer) Dec 2, 2025
marcelomulder Credited to marcelomulder and nmmorette nmmorette nmmorette
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database