Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

264 advisories

Loading
FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at ... High Unreviewed
CVE-2025-50951 was published Oct 23, 2025
radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. High Unreviewed
CVE-2025-60358 was published Oct 16, 2025
When a client SSL profile is configured on a virtual server, undisclosed requests can cause an... High Unreviewed
CVE-2025-61974 was published Oct 15, 2025
When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an... High Unreviewed
CVE-2025-47150 was published Oct 15, 2025
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS... High Unreviewed
CVE-2025-20239 was published Aug 14, 2025
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of... High Unreviewed
CVE-2025-20133 was published Aug 14, 2025
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue... High Unreviewed
CVE-2025-53020 was published Jul 10, 2025
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an... High Unreviewed
CVE-2025-29828 was published Jun 10, 2025
Multer vulnerable to Denial of Service via memory leaks from unclosed streams High
CVE-2025-47935 was published for multer (npm) May 19, 2025
ctcpip UlisesGascon
UnlimitedBytes
Credited to ctcpip, UlisesGascon, and UnlimitedBytes
A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing... High Unreviewed
CVE-2025-30658 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding... High Unreviewed
CVE-2025-30647 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2025-21595 was published Apr 9, 2025
io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout High
CVE-2025-1634 was published for io.quarkus:quarkus-resteasy (Maven) Feb 26, 2025
r3kumar
Credited to r3kumar
go-crypto-winnative BCryptGenerateSymmetricKey memory leak High
CVE-2025-25199 was published for github.com/microsoft/go-crypto-winnative (Go) Feb 12, 2025
clarkb7
Credited to clarkb7
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in... High Unreviewed
CVE-2025-21091 was published Feb 5, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver ... High Unreviewed
CVE-2025-21599 was published Jan 9, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix... High Unreviewed
CVE-2024-56775 was published Jan 8, 2025
When segmenting specially crafted text, segmentation would corrupt memory leading to a... High Unreviewed
CVE-2025-0241 was published Jan 7, 2025
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache... High Unreviewed
CVE-2024-56669 was published Dec 27, 2024
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation... High Unreviewed
CVE-2024-8376 was published Oct 11, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-47493 was published Oct 11, 2024
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-8626 was published Oct 8, 2024
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software... High Unreviewed
CVE-2024-20304 was published Sep 11, 2024
ic-cdk has a memory leak when calling a canister method via `ic_cdk::call` High
CVE-2024-7884 was published for ic_cdk (Rust) Sep 5, 2024
adamspofford-dfinity
Credited to adamspofford-dfinity
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and... High Unreviewed
CVE-2024-44964 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database