Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,949
Maven
5,000+
npm
5,000+
NuGet
969
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,383
Swift
56
Unreviewed advisories
All unreviewed
5,000+

116 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim... Critical Unreviewed
CVE-2026-31657 was published Apr 24, 2026
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix... Critical Unreviewed
CVE-2026-31436 was published Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new... Critical Unreviewed
CVE-2024-35960 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU... Critical Unreviewed
CVE-2024-27053 was published May 1, 2024
Websocket requests did not call AuthenticateMethod Critical
CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Jun 23, 2021
Duplicate Advisory: ecnepsnai/web vulnerable to Uncontrolled Resource Consumption Critical
GHSA-jpgg-cp2x-qrw3 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022 withdrawn
A denial of service vulnerability exists in the lasso_provider_verify_saml_signature... Critical Unreviewed
CVE-2025-46404 was published Nov 5, 2025
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11... Critical Unreviewed
CVE-2022-0582 was published Feb 15, 2022
In libarchive 3.6.1, the software does not check for an error after calling calloc function that... Critical Unreviewed
CVE-2022-36227 was published Nov 22, 2022
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode... Critical Unreviewed
CVE-2017-14626 was published May 13, 2022
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed
CVE-2017-14625 was published May 13, 2022
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. Critical Unreviewed
CVE-2017-14532 was published May 13, 2022
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed
CVE-2017-14624 was published May 13, 2022
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders... Critical Unreviewed
CVE-2017-11637 was published May 14, 2022
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. Critical Unreviewed
CVE-2017-11125 was published May 13, 2022
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. Critical Unreviewed
CVE-2017-11124 was published May 13, 2022
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL... Critical Unreviewed
CVE-2017-3169 was published May 13, 2022
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU... Critical Unreviewed
CVE-2017-7614 was published May 17, 2022
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to... Critical Unreviewed
CVE-2016-5689 was published May 17, 2022
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7... Critical Unreviewed
CVE-2016-5690 was published May 17, 2022
`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was... Critical Unreviewed
CVE-2024-11705 was published Nov 26, 2024
Incomplete validation in boosted trees code Critical
CVE-2021-41208 was published for tensorflow (pip) Nov 10, 2021
An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers... Critical Unreviewed
CVE-2023-46427 was published Mar 9, 2024
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda... Critical Unreviewed
CVE-2024-23080 was published Apr 10, 2024
An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial... Critical Unreviewed
CVE-2023-47003 was published Nov 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database