Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

652 advisories

Loading
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote... Moderate Unreviewed
CVE-2026-4453 was published Mar 20, 2026
bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby Moderate
CVE-2026-33306 was published for bcrypt (RubyGems) Mar 19, 2026
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2026-2809 was published Mar 17, 2026
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on... Moderate Unreviewed
CVE-2025-15584 was published Mar 17, 2026
File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely Moderate
CVE-2026-32759 was published for github.com/filebrowser/filebrowser/v2 (Go) Mar 16, 2026
fg0x0 Credited to fg0x0
ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder Moderate
CVE-2026-28493 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption Moderate
CVE-2026-25970 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound... Moderate Unreviewed
CVE-2026-27281 was published Mar 10, 2026
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD... Moderate Unreviewed
CVE-2026-20025 was published Mar 4, 2026
neqo-qpack has iInteger overflow in qpack dynamic table indexing Moderate
GHSA-6w86-wgwq-rgq8 was published for neqo-qpack (Rust) Mar 4, 2026
Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound Moderate
CVE-2025-66168 was published for org.apache.activemq:activemq-all (Maven) Mar 4, 2026
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps Moderate
CVE-2026-27809 was published for psd-tools (pip) Feb 26, 2026
Bug fixes in hpke-rs, hpke-rs-rust-crypto Moderate
GHSA-g433-pq76-6cmf was published for hpke-rs (Rust) Feb 13, 2026
A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which... Moderate Unreviewed
CVE-2026-0619 was published Feb 12, 2026
The integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass... Moderate Unreviewed
CVE-2024-36316 was published Feb 11, 2026
Insufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an... Moderate Unreviewed
CVE-2025-48515 was published Feb 10, 2026
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound... Moderate Unreviewed
CVE-2026-21354 was published Feb 10, 2026
Memory corruption when calculating oversized partition sizes without proper checks. Moderate Unreviewed
CVE-2025-47363 was published Feb 2, 2026
Memory corruption while calculating offset from partition start point. Moderate Unreviewed
CVE-2025-47364 was published Feb 2, 2026
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size... Moderate Unreviewed
CVE-2026-25210 was published Jan 30, 2026
soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64 Moderate
CVE-2026-24889 was published for soroban-sdk (Rust) Jan 28, 2026
leighmcculloch Credited to leighmcculloch, jayz22, dmkozh, and kanwalpreetd jayz22 jayz22
dmkozh dmkozh kanwalpreetd kanwalpreetd
Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec Moderate
CVE-2026-24807 was published for com.github.liuyueyi.media:batik-codec-fix (Maven) Jan 27, 2026
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org... Moderate Unreviewed
CVE-2026-1464 was published Jan 27, 2026
A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_private.h) when... Moderate Unreviewed
CVE-2025-67125 was published Jan 23, 2026
ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component Moderate
CVE-2026-23833 was published for esphome (pip) Jan 21, 2026
Mat931 Credited to Mat931
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database