Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

26 advisories

Loading
ImageMagick: MSL image stack index may fail to refresh, leading to leaked images Moderate
CVE-2026-25988 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
Image Magick has a Memory Leak in coders/ashlar.c Moderate
CVE-2026-25969 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
unbengable12 Credited to unbengable12
ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths Moderate
CVE-2026-25796 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick has memory leak in msl encoder Moderate
CVE-2026-25638 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
unbengable12 Credited to unbengable12
ImageMagick: Possible memory leak in ASHLAR encoder Moderate
CVE-2026-25637 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
webtransport-go: Memory Exhaustion Attack due to Missing Cleanup of Streams Map Moderate
CVE-2026-21438 was published for github.com/quic-go/webtransport-go (Go) Feb 12, 2026
Improper Memory Cleanup in the Okta Java SDK Moderate
CVE-2025-66033 was published for com.okta.sdk:okta-sdk-root (Maven) Dec 10, 2025
pyckle Credited to pyckle
containerd CRI server: Host memory exhaustion through Attach goroutine leak Moderate
CVE-2025-64329 was published for github.com/containerd/containerd (Go) Nov 6, 2025
Wheat2018 Credited to Wheat2018
Liferay Portal and DXP vulnerable to a memory leak Moderate
CVE-2025-43816 was published for com.liferay:com.liferay.portal.vulcan.impl (Maven) Sep 25, 2025
Infinispan Potential Out of Memory Error via REST Compare API Buffer API Moderate
CVE-2024-6875 was published for org.infinispan:infinispan-query (Maven) Mar 28, 2025
Apache CXF allows unrestricted memory consumption in CXF HTTP clients Moderate
CVE-2024-41172 was published for org.apache.cxf:cxf-rt-transports-http (Maven) Jul 19, 2024
Undertow Missing Release of Memory after Effective Lifetime vulnerability Moderate
CVE-2024-3653 was published for io.undertow:undertow-core (Maven) Jul 9, 2024
jw123023 Credited to jw123023
ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows Moderate
CVE-2024-4435 was published for ic-stable-structures (Rust) May 21, 2024
ielashi Credited to ielashi
fetch(url) leads to a memory leak in undici Moderate
CVE-2024-24750 was published for undici (npm) Feb 16, 2024
mcollina Credited to mcollina
OpenFGA denial of service Moderate
CVE-2024-23820 was published for github.com/openfga/openfga (Go) Jan 26, 2024
tokio-boring vulnerable to resource exhaustion via memory leak Moderate
CVE-2023-6180 was published for tokio-boring (Rust) Dec 5, 2023
ehaydenr Credited to ehaydenr
memory leak flaw was found in ruby-magick Moderate
CVE-2023-5349 was published for rmagick (RubyGems) Oct 30, 2023
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation Moderate
CVE-2025-27097 was published for @graphql-mesh/runtime (npm) Oct 10, 2023
ardatan Credited to ardatan and khell khell khell
CometBFT PeerState JSON serialization deadlock Moderate
CVE-2023-34450 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
mmsqe Credited to mmsqe and sergio-mena sergio-mena sergio-mena
containerd CRI stream server vulnerable to host memory exhaustion via terminal Moderate
CVE-2022-23471 was published for github.com/containerd/containerd (Go) Dec 7, 2022
NFStream Local Denial of Service (DoS) Moderate
CVE-2020-25340 was published for nfstream (pip) May 24, 2022
Wildfly has a memory leak vulnerability Moderate
CVE-2020-27822 was published for org.wildfly:wildfly-parent (Maven) May 24, 2022
Uncontrolled Resource Consumption in WildFly Moderate
CVE-2020-25689 was published for org.wildfly:wildfly-dist (Maven) May 24, 2022
Memory leak in Tensorflow Moderate
CVE-2022-23578 was published for tensorflow (pip) Feb 10, 2022
Memory leak in decoding PNG images Moderate
CVE-2022-23585 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database