Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,080
Maven
5,000+
npm
5,000+
NuGet
994
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,412
Swift
61
Unreviewed advisories
All unreviewed
5,000+

46 advisories

Loading
libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in... Critical Unreviewed
CVE-2026-55200 was published Jun 17, 2026
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with... Critical Unreviewed
CVE-2026-8376 was published May 26, 2026
Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2026-24928 was published Feb 6, 2026
bytes has integer overflow in BytesMut::reserve Moderate
CVE-2026-25541 was published for bytes (Rust) Feb 3, 2026
ksj1230 Credited to ksj1230, Darksonn, and seanmonstar Darksonn Darksonn
seanmonstar seanmonstar
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL... High Unreviewed
CVE-2025-52930 was published Aug 26, 2025
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-52456 was published Aug 26, 2025
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL... High Unreviewed
CVE-2025-46407 was published Aug 26, 2025
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-32468 was published Aug 26, 2025
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-53510 was published Aug 26, 2025
A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20263 was published Aug 14, 2025
ExecuTorch integer overflow vulnerability leads to code execution Moderate
CVE-2025-54952 was published for executorch (pip) Aug 8, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... High Unreviewed
CVE-2025-23326 was published Aug 6, 2025
Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54623 was published Aug 6, 2025
A memory corruption vulnerability exists in the Shared String Table Record Parser implementation... High Unreviewed
CVE-2024-48877 was published Jun 2, 2025
Memory corruption while transmitting packet mapping information with invalid header payload size. High Unreviewed
CVE-2025-21442 was published Apr 7, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-58107 was published Apr 7, 2025
Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation... Low Unreviewed
CVE-2024-57956 was published Feb 6, 2025
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact:... High Unreviewed
CVE-2024-56451 was published Jan 8, 2025
Memory corruption while processing voice packet with arbitrary data received from ADSP. High Unreviewed
CVE-2024-38422 was published Nov 4, 2024
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer... Moderate Unreviewed
CVE-2024-6381 was published Jul 2, 2024
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger... Critical Unreviewed
CVE-2024-33078 was published May 1, 2024
Pillow buffer overflow vulnerability High
CVE-2024-28219 was published for pillow (pip) Apr 3, 2024
Memory corruption while allocating memory for graphics. High Unreviewed
CVE-2024-21470 was published Apr 1, 2024
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. High Unreviewed
CVE-2024-21454 was published Apr 1, 2024
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()... High Unreviewed
CVE-2024-2608 was published Mar 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database