GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
781 advisories
Filter by severity
ZenML unauthenticated DoS via Multipart Boundry
High
CVE-2024-9340
was published
for
zenml
(pip)
Mar 20, 2025
LlamaIndex Improper Handling of Exceptional Conditions vulnerability
High
CVE-2024-12704
was published
for
llama-index-core
(pip)
Mar 20, 2025
FastChat Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10907
was published
for
fschat
(pip)
Mar 20, 2025
DB-GPT Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10829
was published
for
dbgpt
(pip)
Mar 20, 2025
InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`
High
CVE-2024-10821
was published
for
InvokeAI
(pip)
Mar 20, 2025
In Azle, calling `setTimer` causes infinite loop of timers
High
CVE-2025-29776
was published
for
azle
(npm)
Mar 14, 2025
In the Linux kernel, the following vulnerability has been resolved:
f2fs: avoid infinite loop to...
Moderate
Unreviewed
CVE-2022-49317
was published
Mar 14, 2025
In the Linux kernel, the following vulnerability has been resolved:
nvmet: Fix crash when a...
Moderate
Unreviewed
CVE-2025-21850
was published
Mar 12, 2025
OpenDJ Denial of Service (DoS) using alias loop
High
CVE-2025-27497
was published
for
org.openidentityplatform.opendj:opendj-server-legacy
(Maven)
Mar 5, 2025
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests...
Moderate
Unreviewed
CVE-2025-1695
was published
Mar 4, 2025
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU...
Moderate
Unreviewed
CVE-2024-6790
was published
Feb 3, 2025
In the Linux kernel, the following vulnerability has been resolved:
openvswitch: fix lockup on...
Moderate
Unreviewed
CVE-2025-21681
was published
Jan 31, 2025
In the Linux kernel, the following vulnerability has been resolved:
filemap: avoid truncating 64...
Moderate
Unreviewed
CVE-2025-21665
was published
Jan 31, 2025
In the Linux kernel, the following vulnerability has been resolved:
iomap: avoid avoid...
Moderate
Unreviewed
CVE-2025-21667
was published
Jan 31, 2025
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: imx8mp-blk-ctrl:...
Moderate
Unreviewed
CVE-2025-21668
was published
Jan 31, 2025
In parseUriInternal of Intent.java, there is a possible infinite loop due to improper input...
High
Unreviewed
CVE-2024-40675
was published
Jan 28, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to...
Moderate
Unreviewed
CVE-2025-0290
was published
Jan 28, 2025
Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify
Moderate
CVE-2025-23221
was published
for
@fedify/fedify
(npm)
Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix the infinite loop...
Moderate
Unreviewed
CVE-2024-57940
was published
Jan 21, 2025
In the Linux kernel, the following vulnerability has been resolved:
mm: vmscan: account for free...
Moderate
Unreviewed
CVE-2024-57884
was published
Jan 15, 2025
In the Linux kernel, the following vulnerability has been resolved:
ceph: give up on paths...
Moderate
Unreviewed
CVE-2024-53685
was published
Jan 11, 2025
In the Linux kernel, the following vulnerability has been resolved:
bpf: Prevent tailcall...
Moderate
Unreviewed
CVE-2024-47794
was published
Jan 11, 2025
In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix soft lockups in...
Moderate
Unreviewed
CVE-2024-56703
was published
Dec 28, 2024
Predictable results in nanoid generation when given non-integer values
Moderate
CVE-2024-55565
was published
for
nanoid
(npm)
Dec 9, 2024
Drupal core Denial of Service
High
CVE-2024-11941
was published
for
drupal/core
(Composer)
Dec 5, 2024
ProTip!
Advisories are also available from the
GraphQL API