Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
rardecode: DoS risk due to unrestricted RAR dictionary sizes Moderate
CVE-2025-11579 was published for github.com/nwaples/rardecode/v2 (Go) Oct 10, 2025
Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder High
CVE-2025-54801 was published for github.com/gofiber/fiber/v2 (Go) Aug 5, 2025
anuraagbaishya
Credited to anuraagbaishya
File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing High
CVE-2025-53893 was published for github.com/filebrowser/filebrowser/v2 (Go) Jul 16, 2025
maen08 hacdias
Credited to maen08 and hacdias
Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation Moderate
CVE-2025-27533 was published for org.apache.activemq:activemq-client (Maven) May 7, 2025
net-imap rubygem vulnerable to possible DoS by memory exhaustion Moderate
CVE-2025-43857 was published for net-imap (RubyGems) Apr 28, 2025
Masamuneee nevans
Credited to Masamuneee and nevans
SurrealDB memory exhaustion via string::replace using regex High
GHSA-3633-g6mg-p6qq was published for surrealdb (Rust) Apr 11, 2025
cure53
Credited to cure53
Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination Moderate
CVE-2025-32386 was published for helm.sh/helm/v3 (Go) Apr 10, 2025
jake-ciolek
Credited to jake-ciolek
Possible DoS by memory exhaustion in net-imap Moderate
CVE-2025-25186 was published for net-imap (RubyGems) Feb 10, 2025
manunio nevans
Credited to manunio and nevans
matrix-media-repo (MMR) allows a denial of service through memory exhaustion Moderate
CVE-2024-52791 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder Moderate
CVE-2024-41132 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024
ErazerBrecht
Credited to ErazerBrecht
@grpc/grpc-js can allocate memory for incoming messages well above configured limits Moderate
CVE-2024-37168 was published for @grpc/grpc-js (npm) Jun 10, 2024
jhump
Credited to jhump
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value Moderate
CVE-2024-32035 was published for SixLabors.ImageSharp (NuGet) Apr 15, 2024
skanejohan
Credited to skanejohan
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames High
GHSA-w8gf-g2vq-j2f4 was published for amphp/http-client (Composer) Apr 3, 2024
bartekn
Credited to bartekn
Undertow vulnerable to denial of service High
CVE-2023-3223 was published for io.undertow:undertow-parent (Maven) Sep 27, 2023
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input High
CVE-2023-37279 was published for github.com/contribsys/faktory (Go) Sep 20, 2023
Malayke
Credited to Malayke
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
Credited to levpachmanov
vyper vulnerable to storage allocator overflow High
CVE-2023-30837 was published for vyper (pip) May 5, 2023
ToonVanHove trocher
Credited to ToonVanHove and trocher
docconv vulnerable to Memory Allocation with Excessive Size Value Moderate
CVE-2022-4741 was published for code.sajari.com/docconv (Go) Dec 25, 2022
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service High
CVE-2022-34917 was published for org.apache.kafka:kafka (Maven) Sep 21, 2022
jkmartindale
Credited to jkmartindale
Binary vulnerable to Slice Memory Allocation with Excessive Size Value High
CVE-2022-36078 was published for github.com/gagliardetto/binary (Go) Sep 16, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Credited to mregen
Symfony Denial of Service Via Long Password Hashing Moderate
CVE-2013-5958 was published for symfony/polyfill (Composer) May 17, 2022
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
Credited to skitt, marquiz, and toddtreece
Memory over-allocation in evm-core Moderate
GHSA-773q-5334-5gf9 was published for evm-core (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database