Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack Moderate
CVE-2025-46730 was published for mobsf (pip) May 5, 2025
ssshah2131
Credited to ssshah2131
pypdf can exhaust RAM via manipulated LZWDecode streams Moderate
CVE-2025-62708 was published for pypdf (pip) Oct 22, 2025
tylzh97 stefan6419846
Credited to tylzh97 and stefan6419846
pypdf's LZWDecode streams be manipulated to exhaust RAM Moderate
GHSA-m449-cwjh-6pw7 was published for pypdf (pip) Nov 24, 2025
aydinnyunus stefan6419846
Credited to aydinnyunus and stefan6419846
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database