GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
921 advisories
Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form
High
CVE-2025-30160
was published
for
redlib
(Rust)
Mar 21, 2025
Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66
Moderate
CVE-2025-27612
was published
for
libcontainer
(Rust)
Mar 21, 2025
zip Incorrectly Canonicalizes Paths during Archive Extraction Leading to Arbitrary File Write
High
CVE-2025-29787
was published
for
zip
(Rust)
Mar 17, 2025
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Low
CVE-2025-27512
was published
for
zincati
(Rust)
Mar 17, 2025
gurk (aka gurk-rs) mishandles ANSI escape sequences
Moderate
CVE-2025-30089
was published
for
gurk
(Rust)
Mar 17, 2025
Below has Incorrect Permission Assignment for Critical Resource
High
CVE-2025-27591
was published
for
below
(Rust)
Mar 11, 2025
AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
Moderate
CVE-2025-27498
was published
for
ascon_aead
(Rust)
Mar 3, 2025
ntpd NTS client denial of service via wrongly sized cookies
Moderate
GHSA-v83q-83hj-rw38
was published
for
ntpd
(Rust)
Feb 28, 2025
Namada-apps allows Excessive Computation in Mempool Validation
Critical
GHSA-f8qm-hmm3-fv7f
was published
for
namada-apps
(Rust)
Feb 20, 2025
ProTip!
Advisories are also available from the
GraphQL API