Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

275 advisories

Loading
UltraJSON has a Memory Leak parsing large integers allows DoS High
CVE-2026-32874 was published for ujson (pip) Mar 18, 2026
Skevros Credited to Skevros and bwoodsend bwoodsend bwoodsend
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the... High Unreviewed
CVE-2024-24267 was published Feb 5, 2024
The Eclipse Jetty Server Artifact has a Gzip request memory leak High
CVE-2026-1605 was published for org.eclipse.jetty:jetty-server (Maven) Mar 5, 2026
glebashnik Credited to glebashnik and bjorncs bjorncs bjorncs
A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive... High Unreviewed
CVE-2026-20105 was published Mar 4, 2026
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD... High Unreviewed
CVE-2026-20014 was published Mar 4, 2026
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure... High Unreviewed
CVE-2023-53577 was published Oct 4, 2025
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix incorrect... High Unreviewed
CVE-2025-39963 was published Oct 9, 2025
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked... High Unreviewed
CVE-2025-47397 was published Feb 2, 2026
Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine.This... High Unreviewed
CVE-2026-24828 was published Jan 27, 2026
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs... High Unreviewed
CVE-2025-56353 was published Jan 20, 2026
Multiple denial-of-service vulnerabilities exist in the affected product. These issues can be... High Unreviewed
CVE-2025-14027 was published Jan 20, 2026
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon... High Unreviewed
CVE-2026-21909 was published Jan 15, 2026
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. High Unreviewed
CVE-2019-20388 was published May 24, 2022
io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout High
CVE-2025-1634 was published for io.quarkus:quarkus-resteasy (Maven) Feb 26, 2025
r3kumar Credited to r3kumar
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in... High Unreviewed
CVE-2022-4743 was published Jan 12, 2023
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue... High Unreviewed
CVE-2025-53020 was published Jul 10, 2025
libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp. High Unreviewed
CVE-2024-27507 was published Feb 27, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the... High Unreviewed
CVE-2024-24259 was published Feb 5, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the... High Unreviewed
CVE-2024-24258 was published Feb 5, 2024
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial... High Unreviewed
CVE-2022-48541 was published Aug 22, 2023
When segmenting specially crafted text, segmentation would corrupt memory leading to a... High Unreviewed
CVE-2025-0241 was published Jan 7, 2025
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4513 was published Aug 24, 2023
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory,... High Unreviewed
CVE-2021-33646 was published Aug 11, 2022
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory,... High Unreviewed
CVE-2021-33645 was published Aug 11, 2022
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. High Unreviewed
CVE-2022-43272 was published Dec 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database