Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

131 advisories

Loading
ImageMagick has uninitialized pointer dereference in JBIG decoder High
CVE-2026-28691 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest High
CVE-2026-31830 was published for sigstore (RubyGems) Mar 11, 2026
hanazuki Credited to hanazuki
Nokogiri does not check the return value from xmlC14NExecute Moderate
GHSA-wx95-c6cv-8532 was published for nokogiri (RubyGems) Feb 18, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18... High Unreviewed
CVE-2026-0723 was published Jan 22, 2026
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX... High Unreviewed
CVE-2026-21920 was published Jan 15, 2026
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and... High Unreviewed
CVE-2026-0421 was published Jan 15, 2026
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values Critical
CVE-2025-66565 was published for github.com/gofiber/utils (Go) Dec 8, 2025
sixcolors Credited to sixcolors
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of... Moderate Unreviewed
CVE-2025-11839 was published Oct 16, 2025
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2025-61935 was published Oct 15, 2025
An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3... Low Unreviewed
CVE-2025-58903 was published Oct 14, 2025
An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy... Moderate Unreviewed
CVE-2025-55146 was published Sep 9, 2025
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check... Moderate Unreviewed
CVE-2025-38602 was published Aug 19, 2025
Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet... Moderate Unreviewed
CVE-2025-1394 was published Jul 30, 2025
In the Linux kernel, the following vulnerability has been resolved: ACPI: PPTT: Fix to avoid... Moderate Unreviewed
CVE-2023-53070 was published May 2, 2025
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially... Low Unreviewed
CVE-2025-46672 was published Apr 27, 2025
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the... Moderate Unreviewed
CVE-2025-22026 was published Apr 16, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the... Moderate Unreviewed
CVE-2025-32414 was published Apr 8, 2025
An attacker with low privileges can manipulate the requested memory size, causing the application... Moderate Unreviewed
CVE-2024-12650 was published Mar 5, 2025
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over... High Unreviewed
CVE-2025-1933 was published Mar 4, 2025
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return... Moderate Unreviewed
CVE-2025-25724 was published Mar 2, 2025
A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc()... Moderate Unreviewed
CVE-2024-45775 was published Feb 18, 2025
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a... High Unreviewed
CVE-2024-45419 was published Nov 19, 2024
Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This... Critical Unreviewed
CVE-2024-50306 was published Nov 14, 2024
Unchecked return value in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88... Low Unreviewed
CVE-2023-26591 was published Oct 10, 2024
An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges... High Unreviewed
CVE-2023-47480 was published Sep 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database