Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
86
GitHub Actions
54
Go
4,169
Maven
5,000+
npm
5,000+
NuGet
1,019
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,421
Swift
61
Unreviewed advisories
All unreviewed
5,000+

1,150 advisories

Loading
Muhammara has a NULL pointer dereference in LZWDecode filter when DecodeParms omits EarlyChange key High
GHSA-fhp4-pr5j-46m5 was published for muhammara (npm) Jun 26, 2026
r3d5t0x3 Credited to r3d5t0x3
An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing... High Unreviewed
CVE-2026-57875 was published Jun 26, 2026
An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in... High Unreviewed
CVE-2026-57873 was published Jun 26, 2026
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is... High Unreviewed
CVE-2025-32913 was published Apr 14, 2025
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service... High Unreviewed
CVE-2026-9716 was published Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte... High Unreviewed
CVE-2026-46114 was published May 28, 2026
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL... High Unreviewed
CVE-2026-46110 was published May 28, 2026
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. High Unreviewed
CVE-2023-2609 was published May 9, 2023
In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a... High Unreviewed
CVE-2026-0156 was published Jun 16, 2026
HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference... High Unreviewed
CVE-2026-55204 was published Jun 18, 2026
In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential... High Unreviewed
CVE-2026-46024 was published May 27, 2026
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to... High Unreviewed
CVE-2026-45958 was published May 27, 2026
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash... High Unreviewed
CVE-2026-45959 was published May 27, 2026
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC... High Unreviewed
CVE-2025-55657 was published Jun 9, 2026
Issue summary: When a partial-chain certificate verification is enabled together with OCSP... High Unreviewed
CVE-2026-42765 was published Jun 9, 2026
Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer... High Unreviewed
CVE-2026-42764 was published Jun 9, 2026
An authorized user could trigger a server crash by running a query with a 2dsphere index on a... High Unreviewed
CVE-2026-9752 was published Jun 10, 2026
In MongoDB Server 8.0, an aggregation stage can leave its _subPipeline field null during... High Unreviewed
CVE-2026-9743 was published Jun 10, 2026
Klever-Go KVM: Unauthenticated remote node crash (nil-pointer DoS) in klever-go P2P transaction interceptor (txVersionChecker nil RawData) - potential chain halt High
CVE-2026-52878 was published for github.com/klever-io/klever-go (Go) Jun 5, 2026
ch4r0utf8 Credited to ch4r0utf8
free5GC's SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutating High
CVE-2026-44328 was published for github.com/free5gc/smf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference High
CVE-2026-44322 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference High
CVE-2026-44316 was published for github.com/free5gc/pcf (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
A flaw was found in Samba’s WINS server component when running as an Active Directory Domain... High Unreviewed
CVE-2026-3238 was published Jun 8, 2026
In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and... High Unreviewed
CVE-2026-48829 was published May 26, 2026
A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker... High Unreviewed
CVE-2020-27279 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database