Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

4,863 advisories

Loading
A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk... Moderate Unreviewed
CVE-2026-1288 was published Jun 17, 2026
A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing... Moderate Unreviewed
CVE-2025-70102 was published Jun 15, 2026
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of... Moderate Unreviewed
CVE-2025-55641 was published Jun 15, 2026
A NULL pointer dereference in the TrackWriter handling component (filters/mux_isom.c) of GPAC... Moderate Unreviewed
CVE-2025-55643 was published Jun 15, 2026
A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC... Moderate Unreviewed
CVE-2025-55663 was published Jun 15, 2026
A NULL pointer dereference in the gf_media_map_esd function (media_tools/isom_tools.c) of GPAC... Moderate Unreviewed
CVE-2025-55649 was published Jun 15, 2026
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed... Moderate Unreviewed
CVE-2025-7018 was published Jun 13, 2026
Incus has a Nil-Pointer Dereference Panic via Instance Backup Import (volume omitted) Moderate
CVE-2026-47753 was published for github.com/lxc/incus/v7 (Go) Jun 10, 2026
tonghuaroot Credited to tonghuaroot and stgraber stgraber stgraber
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2026-24716 was published Jun 10, 2026
A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote... Moderate Unreviewed
CVE-2026-22899 was published Jun 10, 2026
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2025-66281 was published Jun 10, 2026
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2025-62850 was published Jun 10, 2026
In MongoDB Server 8.0, an aggregation stage can leave its _subPipeline field null during... High Unreviewed
CVE-2026-9743 was published Jun 10, 2026
An authorized user could trigger a server crash by running a query with a 2dsphere index on a... High Unreviewed
CVE-2026-9752 was published Jun 10, 2026
A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC... Moderate Unreviewed
CVE-2025-55659 was published Jun 9, 2026
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC... High Unreviewed
CVE-2025-55657 was published Jun 9, 2026
A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of... Moderate Unreviewed
CVE-2025-55651 was published Jun 9, 2026
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-34703 was published Jun 9, 2026
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-34704 was published Jun 9, 2026
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a... Moderate Unreviewed
CVE-2026-42903 was published Jun 9, 2026
Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer... High Unreviewed
CVE-2026-42764 was published Jun 9, 2026
Issue summary: When a partial-chain certificate verification is enabled together with OCSP... High Unreviewed
CVE-2026-42765 was published Jun 9, 2026
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer... Moderate Unreviewed
CVE-2026-42766 was published Jun 9, 2026
Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger... Moderate Unreviewed
CVE-2026-42767 was published Jun 9, 2026
A flaw was found in 389 Directory Server. The dereference control plugin does not check for... Moderate Unreviewed
CVE-2026-11788 was published Jun 9, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database