Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,949
Maven
5,000+
npm
5,000+
NuGet
969
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,383
Swift
56
Unreviewed advisories
All unreviewed
5,000+

3,444 advisories

Loading
A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core... Moderate Unreviewed
CVE-2025-60477 was published Jun 3, 2026
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to... Moderate Unreviewed
CVE-2026-8035 was published Jun 2, 2026
In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an... Moderate Unreviewed
CVE-2026-28581 was published Jun 2, 2026
A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of... Moderate Unreviewed
CVE-2025-60485 was published Jun 1, 2026
A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of... Moderate Unreviewed
CVE-2025-60495 was published Jun 1, 2026
A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools... Moderate Unreviewed
CVE-2025-60483 was published Jun 1, 2026
A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC... Moderate Unreviewed
CVE-2025-60481 was published Jun 1, 2026
Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling... Moderate Unreviewed
CVE-2026-47335 was published May 28, 2026
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of... Moderate Unreviewed
CVE-2026-9759 was published May 27, 2026
A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown... Moderate Unreviewed
CVE-2025-70116 was published May 27, 2026
A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer... Moderate Unreviewed
CVE-2026-7450 was published May 26, 2026
IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a... Moderate Unreviewed
CVE-2026-8479 was published May 26, 2026
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set Moderate
CVE-2026-8723 was published for qs (npm) May 22, 2026
joannalange Credited to joannalange and ljharb ljharb ljharb
HAX CMS: Denial of Service using Malicious Import Request Moderate
CVE-2026-46357 was published for @haxtheweb/haxcms-nodejs (npm) May 19, 2026
silentrex04 Credited to silentrex04
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation.... Moderate Unreviewed
CVE-2026-47308 was published May 19, 2026
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause... Moderate Unreviewed
CVE-2026-47307 was published May 19, 2026
Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to... Moderate Unreviewed
CVE-2026-34350 was published May 12, 2026
Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-34662 was published May 12, 2026
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an... Moderate Unreviewed
CVE-2026-34339 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13... Moderate Unreviewed
CVE-2026-20771 was published May 12, 2026
Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0... Moderate Unreviewed
CVE-2026-20914 was published May 12, 2026
A null pointer dereference was addressed with improved input validation. This issue is fixed in... Moderate Unreviewed
CVE-2026-28985 was published May 11, 2026
A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server... Moderate Unreviewed
CVE-2026-6666 was published May 9, 2026
free5GC's UDR nudr-dr DELETE amf-subscriptions panics on missing subsId when UE state exists (nil pointer dereference) Moderate
CVE-2026-44323 was published for github.com/free5gc/udr (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference Moderate
CVE-2026-44317 was published for github.com/free5gc/pcf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database