Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

275 advisories

Loading
UltraJSON has a Memory Leak parsing large integers allows DoS High
CVE-2026-32874 was published for ujson (pip) Mar 18, 2026
Skevros Credited to Skevros and bwoodsend bwoodsend bwoodsend
The Eclipse Jetty Server Artifact has a Gzip request memory leak High
CVE-2026-1605 was published for org.eclipse.jetty:jetty-server (Maven) Mar 5, 2026
glebashnik Credited to glebashnik and bjorncs bjorncs bjorncs
A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive... High Unreviewed
CVE-2026-20105 was published Mar 4, 2026
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD... High Unreviewed
CVE-2026-20014 was published Mar 4, 2026
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked... High Unreviewed
CVE-2025-47397 was published Feb 2, 2026
Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine.This... High Unreviewed
CVE-2026-24828 was published Jan 27, 2026
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs... High Unreviewed
CVE-2025-56353 was published Jan 20, 2026
Multiple denial-of-service vulnerabilities exist in the affected product. These issues can be... High Unreviewed
CVE-2025-14027 was published Jan 20, 2026
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon... High Unreviewed
CVE-2026-21909 was published Jan 15, 2026
FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at ... High Unreviewed
CVE-2025-50951 was published Oct 23, 2025
radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. High Unreviewed
CVE-2025-60358 was published Oct 16, 2025
When a client SSL profile is configured on a virtual server, undisclosed requests can cause an... High Unreviewed
CVE-2025-61974 was published Oct 15, 2025
When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an... High Unreviewed
CVE-2025-47150 was published Oct 15, 2025
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix incorrect... High Unreviewed
CVE-2025-39963 was published Oct 9, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure... High Unreviewed
CVE-2023-53577 was published Oct 4, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS... High Unreviewed
CVE-2025-20239 was published Aug 14, 2025
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of... High Unreviewed
CVE-2025-20133 was published Aug 14, 2025
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue... High Unreviewed
CVE-2025-53020 was published Jul 10, 2025
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an... High Unreviewed
CVE-2025-29828 was published Jun 10, 2025
Multer vulnerable to Denial of Service via memory leaks from unclosed streams High
CVE-2025-47935 was published for multer (npm) May 19, 2025
ctcpip Credited to ctcpip, UlisesGascon, and UnlimitedBytes UlisesGascon UlisesGascon
UnlimitedBytes UnlimitedBytes
A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing... High Unreviewed
CVE-2025-30658 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding... High Unreviewed
CVE-2025-30647 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2025-21595 was published Apr 9, 2025
io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout High
CVE-2025-1634 was published for io.quarkus:quarkus-resteasy (Maven) Feb 26, 2025
r3kumar Credited to r3kumar
go-crypto-winnative BCryptGenerateSymmetricKey memory leak High
CVE-2025-25199 was published for github.com/microsoft/go-crypto-winnative (Go) Feb 12, 2025
clarkb7 Credited to clarkb7
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database