Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

4,789 advisories

Loading
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of... Moderate Unreviewed
CVE-2026-9759 was published May 27, 2026
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule... High Unreviewed
CVE-2026-8359 was published May 27, 2026
Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e.,... High Unreviewed
CVE-2026-8360 was published May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed... High Unreviewed
CVE-2026-8180 was published May 27, 2026
A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer... Moderate Unreviewed
CVE-2026-7450 was published May 26, 2026
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module... High Unreviewed
CVE-2026-8850 was published May 26, 2026
IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a... Moderate Unreviewed
CVE-2026-8479 was published May 26, 2026
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and... High Unreviewed
CVE-2026-48829 was published May 26, 2026
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set Moderate
CVE-2026-8723 was published for qs (npm) May 22, 2026
joannalange Credited to joannalange and ljharb ljharb ljharb
HAX CMS: Denial of Service using Malicious Import Request Moderate
CVE-2026-46357 was published for @haxtheweb/haxcms-nodejs (npm) May 19, 2026
silentrex04 Credited to silentrex04
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation.... Moderate Unreviewed
CVE-2026-47308 was published May 19, 2026
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. Low Unreviewed
CVE-2026-25110 was published May 19, 2026
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause... Moderate Unreviewed
CVE-2026-47307 was published May 19, 2026
When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are... High Unreviewed
CVE-2026-42409 was published May 13, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over... High Unreviewed
CVE-2026-40413 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally. High Unreviewed
CVE-2026-40401 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a... High Unreviewed
CVE-2026-40405 was published May 12, 2026
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over... High Unreviewed
CVE-2026-40414 was published May 12, 2026
Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-34662 was published May 12, 2026
Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-34350 was published May 12, 2026
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an... Moderate Unreviewed
CVE-2026-34339 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13... Moderate Unreviewed
CVE-2026-20771 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0... Moderate Unreviewed
CVE-2026-20914 was published May 12, 2026
The affected devices contain a null pointer dereference vulnerability while processing specially... High Unreviewed
CVE-2025-40833 was published May 12, 2026
A null pointer dereference was addressed with improved input validation. This issue is fixed in... Moderate Unreviewed
CVE-2026-28985 was published May 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database