GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
            30 advisories
                    
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD)...
Moderate | Unreviewed | CVE-2025-8291 was published Oct 7, 2025

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow...
High | Unreviewed | CVE-2024-36342 was published Sep 6, 2025

There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing...
High | Unreviewed | CVE-2025-57775 was published Sep 2, 2025

There is an out of bounds write vulnerability due to improper bounds checking resulting in an...
High | Unreviewed | CVE-2025-57776 was published Sep 2, 2025

There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when...
High | Unreviewed | CVE-2025-57777 was published Sep 2, 2025

There is an out of bounds write vulnerability due to improper bounds checking resulting in a...
High | Unreviewed | CVE-2025-9189 was published Sep 2, 2025

There is an out of bounds write vulnerability due to improper bounds checking resulting in an...
High | Unreviewed | CVE-2025-57778 was published Sep 2, 2025

There is an out of bounds write vulnerability due to improper bounds checking resulting in...
High | Unreviewed | CVE-2025-57774 was published Sep 2, 2025

A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI...
High | Unreviewed | CVE-2025-7848 was published Jul 30, 2025

A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists...
High | Unreviewed | CVE-2025-7849 was published Jul 30, 2025

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may...
High | Unreviewed | CVE-2025-2634 was published Jul 23, 2025

Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre...
High | Unreviewed | CVE-2025-2633 was published Jul 23, 2025

Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi...
Critical | Unreviewed | CVE-2025-3755 was published May 29, 2025

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to...
Critical | Unreviewed | CVE-2025-3357 was published May 28, 2025

Formwork improperly validates input of User role preventing site and panel availability
High | GHSA-c85w-x26q-ch87 was published for getformwork/formwork (Composer) Mar 1, 2025

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI...
High | Unreviewed | CVE-2024-10496 was published Dec 10, 2024

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may...
High | Unreviewed | CVE-2024-10494 was published Dec 10, 2024

An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp...
High | Unreviewed | CVE-2024-10495 was published Dec 10, 2024
                    
                  
                    
The NVMe driver queue processing is vulnerable to guest-induced infinite loops.
Moderate | Unreviewed | CVE-2024-51566 was published Nov 12, 2024
                    
                  
                    
A guest can trigger an infinite loop in the hda audio driver.
High | Unreviewed | CVE-2024-51564 was published Nov 12, 2024

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line...
Low | Unreviewed | CVE-2024-0123 was published Oct 3, 2024

An improper error handling vulnerability in LabVIEW may result in remote code execution. ...
High | Unreviewed | CVE-2024-23609 was published Mar 11, 2024

An improper error handling vulnerability in LabVIEW may result in remote code execution. ...
High | Unreviewed | CVE-2024-23612 was published Mar 11, 2024

ASA-2024-002: Default `PrepareProposalHandler` may produce invalid proposals when used with default `SenderNonceMempool`
Moderate | GHSA-2557-x9mg-76w8 was published for github.com/cosmos/cosmos-sdk (Go) Feb 21, 2024

Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High | Unreviewed | CVE-2023-39389 was published Aug 13, 2023
                    
                  
        
ProTip! Advisories are also available from the GraphQL API