Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,239
Maven
5,000+
npm
3,900
NuGet
701
pip
3,667
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,703 advisories

Loading
Autel EVO NANO drone flight control firmware version 1.6.5 is vulnerable to denial of service (DoS). Moderate Unreviewed
CVE-2023-50121 was published Jan 6, 2024
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a... Moderate Unreviewed
CVE-2023-50019 was published Jan 3, 2024
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite ... High Unreviewed
CVE-2025-30730 was published Apr 15, 2025
The ProfileSDK has defects introduced in the design process. Successful exploitation of this... High Unreviewed
CVE-2022-46315 was published Dec 20, 2022
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2... High Unreviewed
CVE-2022-46399 was published Dec 20, 2022
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3.... Moderate Unreviewed
CVE-2025-3016 was published Mar 31, 2025
lite-server vulnerable to Denial of Service High
CVE-2022-25940 was published for lite-server (Maven) Dec 20, 2022
lirantal
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2025-30725 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21577 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Moderate Unreviewed
CVE-2025-30715 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported... Moderate Unreviewed
CVE-2025-30705 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Moderate Unreviewed
CVE-2025-30704 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ... Low Unreviewed
CVE-2025-30681 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported... Moderate Unreviewed
CVE-2025-21575 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported... Moderate Unreviewed
CVE-2025-21574 was published Apr 15, 2025
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability High
GHSA-5ccf-884p-4jjq was published for open-webui (npm) Mar 20, 2025
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file High
GHSA-6wj5-5pgr-jwq8 was published for open-webui (pip) Mar 20, 2025
Open WebUI has vulnerable dependency on starlette via fastapi High
GHSA-w466-2wfc-8g58 was published for open-webui (pip) Mar 20, 2025
BentoML vulnerable to Uncontrolled Resource Consumption High
GHSA-hh3j-9m59-p8vc was published for bentoml (pip) Mar 20, 2025
Python Charmers Future denial of service vulnerability High
CVE-2022-40899 was published for future (pip) Dec 23, 2022
GoetzGoerisch
If a website called <code>window.print()</code> in a particular way, it could cause a denial of... Moderate Unreviewed
CVE-2022-42929 was published Dec 22, 2022
The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows... High Unreviewed
CVE-2022-28229 was published Dec 24, 2022
Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted... Moderate Unreviewed
CVE-2022-47932 was published Dec 25, 2022
Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private... Moderate Unreviewed
CVE-2022-47934 was published Dec 25, 2022
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service High
CVE-2021-35065 was published for glob-parent (npm) Jul 18, 2022
cowsrule wejendorp
wwuck paulmillr BGehrels
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database