Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,153
Maven
5,000+
npm
5,000+
NuGet
861
pip
4,451
Pub
12
RubyGems
991
Rust
1,179
Swift
50
Unreviewed advisories
All unreviewed
5,000+

7,335 advisories

Loading
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose... Moderate Unreviewed
CVE-2026-25180 was published Mar 10, 2026
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to... High Unreviewed
CVE-2026-23673 was published Mar 10, 2026
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability High Unreviewed
CVE-2026-23672 was published Mar 10, 2026
Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. High Unreviewed
CVE-2026-3631 was published Mar 9, 2026
Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2026-28540 was published Mar 5, 2026
Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a... High Unreviewed
CVE-2026-3540 was published Mar 4, 2026
An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project... Moderate Unreviewed
CVE-2025-64736 was published Mar 3, 2026
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write... High Unreviewed
CVE-2026-0035 was published Mar 2, 2026
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in... Moderate Unreviewed
CVE-2026-23865 was published Mar 2, 2026
In display, there is a possible out of bounds read due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2026-20429 was published Mar 2, 2026
In display, there is a possible out of bounds read due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2026-20424 was published Mar 2, 2026
A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function... Moderate Unreviewed
CVE-2026-3391 was published Mar 1, 2026
A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function... Moderate Unreviewed
CVE-2026-3390 was published Mar 1, 2026
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2026-3386 was published Mar 1, 2026
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an... Low Unreviewed
CVE-2026-22717 was published Feb 27, 2026
A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the... Low Unreviewed
CVE-2026-3285 was published Feb 27, 2026
ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images Moderate
CVE-2026-27798 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
ImageMagick: Heap-based Buffer Overflow in GetPixelIndex due to metadata-cache desynchronization Low
GHSA-gq5v-qf8q-fp77 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
ImageMagick: Malicious PCD files trigger 1‑byte heap Out-of-bounds Read and DoS Low
GHSA-wgxp-q8xq-wpp9 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
ImageMagick: Integer Overflow in PSB (PSD v2) RLE decoding path causes heap Out of Bounds reads for 32-bit builds Low
CVE-2026-25984 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
andsopwn Credited to andsopwn
ImageMagick has a heap buffer over-read in its MAP image decoder Moderate
CVE-2026-25987 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer Moderate
CVE-2026-25898 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to... Moderate Unreviewed
CVE-2026-0402 was published Feb 24, 2026
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148,... Critical Unreviewed
CVE-2026-2771 was published Feb 24, 2026
ImageMagick has Possible Heap Information Disclosure in PSD ZIP Decompression High
CVE-2026-24481 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database