GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,782
Erlang: 36
GitHub Actions: 29
Go: 2,347
Maven: 5,000+
npm: 3,976
NuGet: 720
pip: 3,774
Pub: 12
RubyGems: 923
Rust: 981
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
2,822 advisories
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection...
High | Unreviewed | CVE-2017-5972 was published May 13, 2022

NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting...
High | Unreviewed | CVE-2016-7426 was published May 13, 2022

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-9310 was published May 14, 2022

ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast...
Moderate | Unreviewed | CVE-2016-7428 was published May 14, 2022

The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote...
Moderate | Unreviewed | CVE-2016-7427 was published May 14, 2022

NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service...
High | Unreviewed | CVE-2015-7978 was published May 14, 2022

Autel EVO NANO drone flight control firmware version 1.6.5 is vulnerable to denial of service (DoS).
Moderate | Unreviewed | CVE-2023-50121 was published Jan 6, 2024

An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a...
Moderate | Unreviewed | CVE-2023-50019 was published Jan 3, 2024

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite ...
High | Unreviewed | CVE-2025-30730 was published Apr 15, 2025

The ProfileSDK has defects introduced in the design process. Successful exploitation of this...
High | Unreviewed | CVE-2022-46315 was published Dec 20, 2022

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2...
High | Unreviewed | CVE-2022-46399 was published Dec 20, 2022

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3....
Moderate | Unreviewed | CVE-2025-3016 was published Mar 31, 2025

lite-server vulnerable to Denial of Service
High | CVE-2022-25940 was published for lite-server (Maven) Dec 20, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Moderate | Unreviewed | CVE-2025-30725 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported...
Moderate | Unreviewed | CVE-2025-21577 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services...
Moderate | Unreviewed | CVE-2025-30715 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported...
Moderate | Unreviewed | CVE-2025-30705 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services...
Moderate | Unreviewed | CVE-2025-30704 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ...
Low | Unreviewed | CVE-2025-30681 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported...
Moderate | Unreviewed | CVE-2025-21575 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported...
Moderate | Unreviewed | CVE-2025-21574 was published Apr 15, 2025

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability
High | GHSA-5ccf-884p-4jjq was published for open-webui (npm) Mar 20, 2025

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file
High | GHSA-6wj5-5pgr-jwq8 was published for open-webui (pip) Mar 20, 2025

Open WebUI has vulnerable dependency on starlette via fastapi
High | GHSA-w466-2wfc-8g58 was published for open-webui (pip) Mar 20, 2025

BentoML vulnerable to Uncontrolled Resource Consumption
High | GHSA-hh3j-9m59-p8vc was published for bentoml (pip) Mar 20, 2025

ProTip! Advisories are also available from the GraphQL API