GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,292 advisories
OpenEXR Out-Of-Memory via Unbounded File Header Values
Moderate
CVE-2025-48074
was published
for
OpenEXR
(pip)
Jul 31, 2025
SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks
Moderate
CVE-2025-54575
was published
for
SixLabors.ImageSharp
(NuGet)
Jul 30, 2025
Ruby SAML DOS vulnerability with large SAML response
Moderate
CVE-2025-54572
was published
for
ruby-saml
(RubyGems)
Jul 30, 2025
Starlette has possible denial-of-service vector when parsing large files in multipart forms
Moderate
CVE-2025-54121
was published
for
starlette
(pip)
Jul 21, 2025
Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks
Low
CVE-2025-52889
was published
for
github.com/lxc/incus/v6
(Go)
Jun 26, 2025
Withdrawn Advisory: microlight allows a denial of service
Low
CVE-2025-45526
was published
for
microlight
(npm)
Jun 17, 2025
•
withdrawn
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
High
CVE-2025-48976
was published
for
commons-fileupload:commons-fileupload
(Maven)
Jun 16, 2025
ProTip!
Advisories are also available from the
GraphQL API