Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,949
Maven
5,000+
npm
5,000+
NuGet
969
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,383
Swift
56
Unreviewed advisories
All unreviewed
5,000+

4,812 advisories

Loading
A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core... Moderate Unreviewed
CVE-2025-60477 was published Jun 3, 2026
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to... Moderate Unreviewed
CVE-2026-8035 was published Jun 2, 2026
In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an... Moderate Unreviewed
CVE-2026-28581 was published Jun 2, 2026
Memory Corruption when running a memory copy operation due to invalid writes caused by a null... High Unreviewed
CVE-2025-59604 was published Jun 2, 2026
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion... High Unreviewed
CVE-2025-59606 was published Jun 2, 2026
A NULL pointer dereference in the ext4_dir_en_get_name_len function in include/ext4_dir.h of... High Unreviewed
CVE-2025-70099 was published Jun 1, 2026
FlexRIC v2.0.0 crashes when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST referencing a non... High Unreviewed
CVE-2026-37226 was published Jun 1, 2026
FlexRIC v2.0.0 crashes when the near-RT RIC receives a RIC_INDICATION message with a ran_func_id... High Unreviewed
CVE-2026-37230 was published Jun 1, 2026
A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of... Moderate Unreviewed
CVE-2025-60485 was published Jun 1, 2026
A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of... Moderate Unreviewed
CVE-2025-60495 was published Jun 1, 2026
A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools... Moderate Unreviewed
CVE-2025-60483 was published Jun 1, 2026
A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC... Moderate Unreviewed
CVE-2025-60481 was published Jun 1, 2026
Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling... Moderate Unreviewed
CVE-2026-47335 was published May 28, 2026
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in... Low Unreviewed
CVE-2026-47337 was published May 28, 2026
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in... Low Unreviewed
CVE-2026-47327 was published May 28, 2026
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule... High Unreviewed
CVE-2026-8359 was published May 27, 2026
Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e.,... High Unreviewed
CVE-2026-8360 was published May 27, 2026
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of... Moderate Unreviewed
CVE-2026-9759 was published May 27, 2026
A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown... Moderate Unreviewed
CVE-2025-70116 was published May 27, 2026
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed... High Unreviewed
CVE-2026-8180 was published May 27, 2026
A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer... Moderate Unreviewed
CVE-2026-7450 was published May 26, 2026
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module... High Unreviewed
CVE-2026-8850 was published May 26, 2026
IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a... Moderate Unreviewed
CVE-2026-8479 was published May 26, 2026
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and... High Unreviewed
CVE-2026-48829 was published May 26, 2026
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set Moderate
CVE-2026-8723 was published for qs (npm) May 22, 2026
joannalange Credited to joannalange and ljharb ljharb ljharb
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database