GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
146 advisories
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny...
Moderate | Unreviewed | CVE-2026-42915 was published Jun 9, 2026

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers
Moderate | CVE-2026-45784 was published for openssl (Rust) May 19, 2026

ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
Moderate | CVE-2026-46521 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without...
High | Unreviewed | CVE-2026-40618 was published May 13, 2026

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment...
Moderate | Unreviewed | CVE-2026-43302 was published May 8, 2026

vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters
Moderate | CVE-2026-44223 was published for vllm (pip) May 6, 2026

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMA_IF_ID in...
Moderate | Unreviewed | CVE-2026-43107 was published May 6, 2026

Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT...
Critical | Unreviewed | CVE-2026-1949 was published Apr 24, 2026

rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
High | CVE-2026-41676 was published for openssl (Rust) Apr 22, 2026

Brillig: Heap corruption in foreign call results with nested tuple arrays
Critical | CVE-2026-41197 was published for brillig (Rust) Apr 21, 2026

NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in...
High | Unreviewed | CVE-2026-29645 was published Apr 20, 2026

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can...
Moderate | Unreviewed | CVE-2026-40918 was published Apr 15, 2026

A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of...
Critical | Unreviewed | CVE-2026-20911 was published Apr 7, 2026

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker...
Moderate | Unreviewed | CVE-2025-33216 was published Mar 24, 2026

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder...
Moderate | Unreviewed | CVE-2019-25555 was published Mar 21, 2026

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange...
High | Unreviewed | CVE-2026-20049 was published Mar 4, 2026

Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by...
Moderate | Unreviewed | CVE-2026-2738 was published Feb 19, 2026

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to...
Moderate | Unreviewed | CVE-2025-33124 was published Feb 17, 2026

In the Eclipse OMR port library component since release 0.2.0, an API function to return the...
Moderate | Unreviewed | CVE-2026-1188 was published Jan 29, 2026

Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a...
High | Unreviewed | CVE-2025-62550 was published Dec 9, 2025

A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw...
Moderate | Unreviewed | CVE-2025-61661 was published Nov 18, 2025

Memory corruption while processing a GP command response.
High | Unreviewed | CVE-2025-27074 was published Nov 4, 2025

IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, 5.1, 6...
Moderate | Unreviewed | CVE-2025-33126 was published Oct 28, 2025

Memory corruption during PlayReady APP usecase while processing TA commands.
High | Unreviewed | CVE-2025-27053 was published Oct 9, 2025

ImageMagick BlobStream Forward-Seek Under-Allocation
Low | CVE-2025-57807 was published for Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) Sep 5, 2025