GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 86
GitHub Actions: 54
Go: 4,175
Maven: 5,000+
npm: 5,000+
NuGet: 1,019
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,421
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
362 advisories
GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by...
Moderate | Unreviewed | CVE-2026-41992 was published Jun 29, 2026

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in...
Moderate | Unreviewed | CVE-2026-40210 was published Jun 25, 2026

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information...
Moderate | Unreviewed | CVE-2026-45460 was published Jun 9, 2026

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to...
High | Unreviewed | CVE-2026-42828 was published Jun 9, 2026

A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the...
Moderate | Unreviewed | CVE-2026-11787 was published Jun 9, 2026

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker...
High | Unreviewed | CVE-2026-44185 was published Jun 8, 2026

Information Disclosure when processing advertisement frames with malformed MBSSID elements of...
Moderate | Unreviewed | CVE-2025-59609 was published Jun 2, 2026

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
High | Unreviewed | CVE-2026-5260 was published May 27, 2026

Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of...
Moderate | Unreviewed | CVE-2026-6575 was published May 14, 2026

Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in...
Moderate | Unreviewed | CVE-2026-8463 was published May 13, 2026

Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose...
High | Unreviewed | CVE-2026-34336 was published May 12, 2026

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Moderate | Unreviewed | CVE-2025-47406 was published May 4, 2026

Transient DOS when processing target power rate tables during channel configuration.
Moderate | Unreviewed | CVE-2025-47401 was published May 4, 2026

Transient DOS when processing a malformed Fast Transition response frame with an invalid header...
Moderate | Unreviewed | CVE-2025-47403 was published May 4, 2026

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server:...
High | Unreviewed | CVE-2026-34059 was published May 4, 2026

AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c...
High | Unreviewed | CVE-2026-37532 was published May 1, 2026

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...
Moderate | Unreviewed | CVE-2026-6532 was published Apr 30, 2026

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2...
Moderate | Unreviewed | CVE-2026-6238 was published Apr 28, 2026

Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize...
Low | Unreviewed | CVE-2026-0930 was published Apr 21, 2026

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate...
High | Unreviewed | CVE-2026-26184 was published Apr 14, 2026

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2026-26155 was published Apr 14, 2026

Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information...
Moderate | Unreviewed | CVE-2026-26169 was published Apr 14, 2026

A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c)...
Low | Unreviewed | CVE-2026-5772 was published Apr 10, 2026

Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High | Unreviewed | CVE-2026-21378 was published Apr 6, 2026

Transient DOS when receiving a service data frame with excessive length during device matching...
High | Unreviewed | CVE-2026-21381 was published Apr 6, 2026
ProTip! Advisories are also available from the GraphQL API.