Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow High
CVE-2022-40151 was published for com.thoughtworks.xstream:xstream (Maven) Dec 30, 2022
XStream can cause Denial of Service via stack overflow High
CVE-2022-41966 was published for com.thoughtworks.xstream:xstream (Maven) Dec 29, 2022
Vapor vulnerable to denial of service in URLEncodedFormDecoder High
CVE-2022-31019 was published for github.com/vapor/vapor (Swift) Jun 7, 2023
weissi Credited to weissi
whoami stack buffer overflow on several Unix platforms High
GHSA-w5w5-8vfh-xcjq was published for whoami (Rust) Apr 5, 2024
CWA-2024-005: Stackoverflow in wasmd High
GHSA-g8w7-7vgg-x7xg was published for github.com/CosmWasm/wasmd (Go) Aug 21, 2024
unknownfeature Credited to unknownfeature
Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API High
CVE-2025-23388 was published for github.com/rancher/rancher (Go) Feb 27, 2025
AnonySE26 Credited to AnonySE26
jackson-core can throw a StackoverflowError when processing deeply nested data High
CVE-2025-52999 was published for com.fasterxml.jackson.core:jackson-core (Maven) Jun 27, 2025
XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream High
CVE-2024-47072 was published for com.thoughtworks.xstream:xstream (Maven) Nov 7, 2024
DarkaMaul Credited to DarkaMaul
rPGP affected by crash in message handling for deeply nested messages High
GHSA-8h58-w33p-wq3g was published for pgp (Rust) Feb 13, 2026
invd Credited to invd
ImageMagick: Stack buffer overflow in FTXT reader via oversized integer field High
CVE-2026-25967 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write. High
CVE-2026-25968 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays High
CVE-2026-28494 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ImageMagick has stack buffer overflow in MagnifyImage High
CVE-2026-30929 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ThePwnish3r Credited to ThePwnish3r
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database