Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

264 advisories

Loading
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an... High Unreviewed
CVE-2025-29828 was published Jun 10, 2025
Multer vulnerable to Denial of Service via memory leaks from unclosed streams High
CVE-2025-47935 was published for multer (npm) May 19, 2025
ctcpip UlisesGascon
UnlimitedBytes
Credited to ctcpip, UlisesGascon, and UnlimitedBytes
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker... High Unreviewed
CVE-2022-38177 was published Sep 22, 2022
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker... High Unreviewed
CVE-2022-38178 was published Sep 22, 2022
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to... High Unreviewed
CVE-2022-42311 was published Nov 1, 2022
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c omits a... High Unreviewed
CVE-2022-47941 was published Dec 23, 2022
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before... High Unreviewed
CVE-2016-6304 was published May 13, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... High Unreviewed
CVE-2016-4232 was published May 14, 2022
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding... High Unreviewed
CVE-2025-30647 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing... High Unreviewed
CVE-2025-30658 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2025-21595 was published Apr 9, 2025
In the Linux kernel, the following vulnerability has been resolved: power: supply: rk817: Fix... High Unreviewed
CVE-2023-52571 was published Mar 3, 2024
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All... High Unreviewed
CVE-2022-38371 was published Oct 11, 2022
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-8626 was published Oct 8, 2024
Missing permission checks in Jenkins Chaos Monkey Plugin High
CVE-2020-2322 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault anonymous-nlp-student
Credited to NotMyFault and anonymous-nlp-student
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will... High Unreviewed
CVE-2023-3592 was published Oct 2, 2023
go-crypto-winnative BCryptGenerateSymmetricKey memory leak High
CVE-2025-25199 was published for github.com/microsoft/go-crypto-winnative (Go) Feb 12, 2025
clarkb7
Credited to clarkb7
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache... High Unreviewed
CVE-2024-56669 was published Dec 27, 2024
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in... High Unreviewed
CVE-2025-21091 was published Feb 5, 2025
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a... High Unreviewed
CVE-2024-3382 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use... High Unreviewed
CVE-2024-26734 was published Apr 3, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver ... High Unreviewed
CVE-2025-21599 was published Jan 9, 2025
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine... High Unreviewed
CVE-2021-40114 was published May 24, 2022
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation... High Unreviewed
CVE-2024-8376 was published Oct 11, 2024
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
Credited to qmuntal, r3kumar, and andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database