Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

337 advisories

Loading
Out-of-Bounds Slice Access in free5GC CHF Leading to DoS High
CVE-2026-32937 was published for github.com/free5gc/chf (Go) Mar 18, 2026
LinZiyuu Credited to LinZiyuu
pgproto3: Negative field length panics in DataRow.Decode High
CVE-2026-4427 was published for github.com/jackc/pgproto3/v2 (Go) Mar 19, 2026
gosaml2 CBC Padding Panic — Unauthenticated Process Crash High
GHSA-hwqm-qvj9-4jr2 was published for github.com/russellhaering/gosaml2 (Go) Mar 18, 2026
xclow3n Credited to xclow3n
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall... High Unreviewed
CVE-2025-71203 was published Feb 14, 2026
Denial of service in github.com/jackc/pgproto3/v2 High
GHSA-jqcq-xjh3-6g23 was published for github.com/jackc/pgproto3/v2 (Go) Mar 18, 2026
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-3083 was published Mar 16, 2026
idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability High
GHSA-8fh9-c4jq-94h4 was published for idunno.AtProto (NuGet) Mar 13, 2026
Missing validation of multibyte character length in PostgreSQL text manipulation allows a... High Unreviewed
CVE-2026-2006 was published Feb 12, 2026
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of... High Unreviewed
CVE-2025-38697 was published Sep 5, 2025
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array... High Unreviewed
CVE-2023-53485 was published Oct 1, 2025
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use... High Unreviewed
CVE-2025-39823 was published Sep 16, 2025
Memory corruption when accessing resources in kernel driver. High Unreviewed
CVE-2025-47393 was published Jan 7, 2026
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability... High Unreviewed
CVE-2025-15271 was published Dec 31, 2025
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability... High Unreviewed
CVE-2025-15270 was published Dec 31, 2025
The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session... High Unreviewed
CVE-2025-65562 was published Dec 18, 2025
In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist... High Unreviewed
CVE-2025-38198 was published Jul 4, 2025
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the... High Unreviewed
CVE-2025-38146 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix... High Unreviewed
CVE-2025-38239 was published Jul 9, 2025
Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an... High Unreviewed
CVE-2024-0901 was published Mar 26, 2024
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add... High Unreviewed
CVE-2023-53395 was published Sep 18, 2025
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Collect command... High Unreviewed
CVE-2023-53340 was published Sep 17, 2025
In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match... High Unreviewed
CVE-2022-50315 was published Sep 15, 2025
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size... High Unreviewed
CVE-2023-53192 was published Sep 15, 2025
A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01... High Unreviewed
CVE-2025-0657 was published Nov 27, 2025
vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs High
CVE-2025-62372 was published for vllm (pip) Nov 20, 2025
DarkLight1337 Credited to DarkLight1337, ywang96, Isotr0py, and russellb ywang96 ywang96
Isotr0py Isotr0py russellb russellb
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database