GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
62 advisories
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may...
Unknown • Unreviewed • CVE-2026-40199 was published Apr 11, 2026
Rack has Content-Length mismatch in Rack::Files error responses
Moderate • CVE-2026-34831 was published for rack (RubyGems) Apr 2, 2026
python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
Moderate • CVE-2026-33936 was published for ecdsa (pip) Mar 27, 2026
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP...
Moderate • Unreviewed • CVE-2026-25571 was published Mar 10, 2026
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP...
Moderate • Unreviewed • CVE-2026-25572 was published Mar 10, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric...
Moderate • Unreviewed • CVE-2025-48022 was published Feb 13, 2026
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized...
High • Unreviewed • CVE-2025-14847 was published Dec 19, 2025
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric...
Moderate • Unreviewed • CVE-2025-8531 was published Sep 19, 2025
In multiple locations, there is a possible way to persistently DoS the device due to a missing...
Moderate • Unreviewed • CVE-2025-26432 was published Sep 5, 2025
Improper Handling of Length Parameter Inconsistency vulnerability in web server function on...
Moderate • Unreviewed • CVE-2025-5514 was published Aug 25, 2025
Vulnerability of inadequate packet length check in the BLE module. Impact: Successful...
Moderate • Unreviewed • CVE-2025-54646 was published Aug 6, 2025
Duplicate Advisory: Remotely exploitable denial of service in Rosenpass
Moderate • GHSA-624c-2h52-gf7f was published for rosenpass (Rust) Jul 28, 2025 • withdrawn
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol...
High • Unreviewed • CVE-2025-52949 was published Jul 11, 2025
Rust Web Push is vulnerable to a DoS attack via a large integer in a Content-Length header
Moderate • CVE-2025-53604 was published for web-push (Rust) Jul 5, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a...
Moderate • Unreviewed • CVE-2025-23247 was published May 27, 2025
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The...
Moderate • Unreviewed • CVE-2025-29931 was published Apr 17, 2025
An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding...
High • Unreviewed • CVE-2025-30659 was published Apr 9, 2025
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR...
Low • Unreviewed • CVE-2025-32366 was published Apr 7, 2025
rPGP Panics on Malformed Untrusted Input
High • CVE-2024-53856 was published for pgp (Rust) Dec 5, 2024
Out-of-bounds write vulnerability in the HAL-WIFI module. Impact: Successful exploitation of this...
Moderate • Unreviewed • CVE-2024-47293 was published Sep 27, 2024
Django vulnerable to a denial-of-service attack
Moderate • CVE-2024-41990 was published for Django (pip) Aug 7, 2024
Django vulnerable to denial-of-service attack
Moderate • CVE-2024-41991 was published for Django (pip) Aug 7, 2024
Elliptic's ECDSA missing check for whether leading bit of r and s is zero
Low • CVE-2024-42460 was published for elliptic (npm) Aug 2, 2024
A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could...
Moderate • Unreviewed • CVE-2024-20416 was published Jul 17, 2024
Django vulnerable to Denial of Service
High • CVE-2024-38875 was published for Django (pip) Jul 10, 2024