Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,538
Maven
5,000+
npm
5,000+
NuGet
914
pip
4,790
Pub
13
RubyGems
1,037
Rust
1,232
Swift
53
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
ImageMagick has uninitialized pointer dereference in JBIG decoder High
CVE-2026-28691 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest High
CVE-2026-31830 was published for sigstore (RubyGems) Mar 11, 2026
hanazuki Credited to hanazuki
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r Credited to mrd0ll4r
Unchecked return value from xmlTextReaderExpand High
CVE-2022-23476 was published for nokogiri (RubyGems) Dec 8, 2022
OpenZeppelin Contracts's ERC165Checker may revert instead of returning false High
CVE-2022-31170 was published for @openzeppelin/contracts (npm) Jul 21, 2022
Invalid file request can crash server High
CVE-2022-31089 was published for parse-server (npm) Jun 20, 2022
mtrezza Credited to mtrezza
Unhandled crash in npm posix High
CVE-2022-21211 was published for posix (npm) Jun 11, 2022
Improper privilege handling in Apache Accumulo High
CVE-2020-17533 was published for org.apache.accumulo:accumulo-master (Maven) Feb 9, 2022
Unchecked Return Value in xcb High
CVE-2021-26958 was published for xcb (Rust) Aug 25, 2021
Pillow denial of service High
CVE-2021-28675 was published for Pillow (pip) Jun 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database