GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 86
GitHub Actions: 54
Go: 4,169
Maven: 5,000+
npm: 5,000+
NuGet: 1,019
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,421
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
376 advisories
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in...
Moderate | Unreviewed | CVE-2026-40210 was published Jun 25, 2026
Tornado has out-of-bounds memory access via C extension
Low | CVE-2026-49854 was published for tornado (pip) Jun 12, 2026
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information...
Moderate | Unreviewed | CVE-2026-45460 was published Jun 9, 2026
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to...
High | Unreviewed | CVE-2026-42828 was published Jun 9, 2026
A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the...
Moderate | Unreviewed | CVE-2026-11787 was published Jun 9, 2026
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker...
High | Unreviewed | CVE-2026-44185 was published Jun 8, 2026
Information Disclosure when processing advertisement frames with malformed MBSSID elements of...
Moderate | Unreviewed | CVE-2025-59609 was published Jun 2, 2026
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
High | Unreviewed | CVE-2026-5260 was published May 27, 2026
OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers
Moderate | CVE-2026-45684 was published for go.opentelemetry.io/obi (Go) May 18, 2026
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of...
Moderate | Unreviewed | CVE-2026-6575 was published May 14, 2026
Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in...
Moderate | Unreviewed | CVE-2026-8463 was published May 13, 2026
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose...
High | Unreviewed | CVE-2026-34336 was published May 12, 2026
diesel-async may expose uninitialized padding bytes for MySQL temporal columns
Low | GHSA-ff9q-rm55-q7qr was published for diesel-async (Rust) May 7, 2026
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Moderate | Unreviewed | CVE-2025-47406 was published May 4, 2026
Transient DOS when processing a malformed Fast Transition response frame with an invalid header...
Moderate | Unreviewed | CVE-2025-47403 was published May 4, 2026
Transient DOS when processing target power rate tables during channel configuration.
Moderate | Unreviewed | CVE-2025-47401 was published May 4, 2026
Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server:...
High | Unreviewed | CVE-2026-34059 was published May 4, 2026
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c...
High | Unreviewed | CVE-2026-37532 was published May 1, 2026
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...
Moderate | Unreviewed | CVE-2026-6532 was published Apr 30, 2026
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2...
Moderate | Unreviewed | CVE-2026-6238 was published Apr 28, 2026
rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
High | CVE-2026-41898 was published for openssl (Rust) Apr 22, 2026
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize...
Low | Unreviewed | CVE-2026-0930 was published Apr 21, 2026
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate...
High | Unreviewed | CVE-2026-26184 was published Apr 14, 2026
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2026-26155 was published Apr 14, 2026
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information...
Moderate | Unreviewed | CVE-2026-26169 was published Apr 14, 2026