GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
129 advisories
yauzl (aka Yet Another Unzip Library) version 3.2.0 for Node.js contains an off-by-one error in...
Moderate (Unreviewed). CVE-2026-31988 was published on Mar 12, 2026.

Envoy affected by off-by-one write in JsonEscaper::escapeString()
Moderate. CVE-2026-26309 was published for github.com/envoyproxy/envoy (Go) on Mar 10, 2026.

OpenClaw has allowlist exec-guard bypass via env -S
Moderate. GHSA-48wf-g7cp-gr3m was published for openclaw (npm) on Mar 3, 2026.

ml-dsa's UseHint function has off by two error when r0 equals zero
Moderate. GHSA-h37v-hp6w-2pp8 was published for ml-dsa (Rust) on Feb 2, 2026.

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive...
Moderate (Unreviewed). CVE-2025-71161 was published on Jan 23, 2026.

Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to...
Moderate (Unreviewed). CVE-2025-11215 was published on Nov 7, 2025.

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless...
Moderate (Unreviewed). CVE-2022-49077 was published on Oct 14, 2025.

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors...
Moderate (Unreviewed). CVE-2022-50428 was published on Oct 1, 2025.

In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in...
Moderate (Unreviewed). CVE-2023-53397 was published on Sep 18, 2025.

ImageMagick has a Heap Buffer Overflow in InterpretImageFilename
Low. CVE-2025-53014 was published for Magick.NET-Q16-AnyCPU (NuGet) on Aug 25, 2025.

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off...
Moderate (Unreviewed). CVE-2025-38600 was published on Aug 19, 2025.

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer...
Moderate (Unreviewed). CVE-2025-54349 was published on Aug 3, 2025.

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in...
Moderate (Unreviewed). CVE-2025-52497 was published on Jul 4, 2025.

There's a flaw in the nbdkit server when handling responses from its plugins regarding the status...
Moderate (Unreviewed). CVE-2025-47711 was published on Jun 9, 2025.

In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one...
Moderate (Unreviewed). CVE-2023-53143 was published on May 2, 2025.

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error...
Moderate (Unreviewed). CVE-2025-23150 was published on May 1, 2025.

GoBGP does not verify that the input length
Moderate. CVE-2025-43973 was published for github.com/osrg/gobgp (Go) on Apr 21, 2025.

GoBGP panics due to a zero value for softwareVersionLen
High. CVE-2025-43971 was published for github.com/osrg/gobgp/v3 (Go) on Apr 21, 2025.

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by...
Moderate (Unreviewed). CVE-2025-37893 was published on Apr 18, 2025.

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in...
Moderate (Unreviewed). CVE-2022-49365 was published on Apr 14, 2025.

httpd.c in atophttpd 2.8.0 has an off-by-one error and resultant out-of-bounds read because a...
Moderate (Unreviewed). CVE-2025-30742 was published on Mar 26, 2025.

Off-by-one error vulnerability in the transmission component in Synology Replication Service...
Critical (Unreviewed). CVE-2024-10442 was published on Mar 19, 2025.

In the Linux kernel, the following vulnerability has been resolved: timers/migration: Fix off-by...
Moderate (Unreviewed). CVE-2025-21813 was published on Feb 27, 2025.

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off...
High (Unreviewed). CVE-2024-57990 was published on Feb 27, 2025.

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap...
High (Unreviewed). CVE-2024-57259 was published on Feb 19, 2025.