Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,039
Maven
5,000+
npm
4,779
NuGet
824
pip
4,380
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1,427 advisories

Loading
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in... Unknown Unreviewed
CVE-2026-2597 was published Feb 27, 2026
Golioth Pouch version 0.1.0 prior to [INSERT FIXED VERSION], fixed in commit 1b2219a1, contain a... High Unreviewed
CVE-2026-23750 was published Feb 26, 2026
ImageMagick: Heap-based Buffer Overflow in GetPixelIndex due to metadata-cache desynchronization Low
GHSA-gq5v-qf8q-fp77 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
ImageMagick: Heap overflow in sun decoder on 32-bit systems may result in out of bounds write Moderate
CVE-2026-25897 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ImageMagick has heap-buffer-overflow via signed integer overflow in WriteUHDRImage when writing UHDR images with large dimensions High
CVE-2026-25794 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick: Out of bounds read in multiple coders read raw pixel data Moderate
CVE-2026-25576 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the ... High Unreviewed
CVE-2025-14905 was published Feb 23, 2026
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-2047 was published Feb 21, 2026
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-0797 was published Feb 21, 2026
Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker... High Unreviewed
CVE-2026-2648 was published Feb 19, 2026
Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed a remote attacker... High Unreviewed
CVE-2026-2650 was published Feb 19, 2026
Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in... High Unreviewed
CVE-2026-2474 was published Feb 16, 2026
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7... High Unreviewed
CVE-2026-2447 was published Feb 16, 2026
A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote... High Unreviewed
CVE-2025-70122 was published Feb 13, 2026
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field... High Unreviewed
CVE-2019-25327 was published Feb 13, 2026
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7... High Unreviewed
CVE-2025-67433 was published Feb 12, 2026
Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via... High Unreviewed
CVE-2026-2007 was published Feb 12, 2026
Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary... High Unreviewed
CVE-2026-2005 was published Feb 12, 2026
Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker... High Unreviewed
CVE-2026-2314 was published Feb 11, 2026
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker... Low Unreviewed
CVE-2025-57709 was published Feb 11, 2026
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow... Moderate Unreviewed
CVE-2026-21358 was published Feb 10, 2026
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2026-21357 was published Feb 10, 2026
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2026-21239 was published Feb 10, 2026
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. High Unreviewed
CVE-2026-21244 was published Feb 10, 2026
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized... High Unreviewed
CVE-2026-21236 was published Feb 10, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database