Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,153
Maven
5,000+
npm
5,000+
NuGet
861
pip
4,451
Pub
12
RubyGems
991
Rust
1,179
Swift
50
Unreviewed advisories
All unreviewed
5,000+

287 advisories

Loading
ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in "/tmp", possible to leverage DoS Moderate
CVE-2023-1289 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Im10n Credited to Im10n
ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation Moderate
CVE-2026-30937 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage Moderate
CVE-2026-30936 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Taardisaa Credited to Taardisaa
ImageMagick has Heap Buffer Over-Read in BilateralBlurImage Moderate
CVE-2026-30935 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
Taardisaa Credited to Taardisaa
ImageMagick has heap-based buffer overflow in UHDR encoder Moderate
CVE-2026-30931 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
linkeLi0421 Credited to linkeLi0421
ImageMagick has stack write buffer overflow in MNG encoder Moderate
CVE-2026-28690 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
ImageMagick has heap use-after-free in the MSL encoder Moderate
CVE-2026-28688 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder Moderate
CVE-2026-28687 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer Moderate
CVE-2026-28686 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder Moderate
CVE-2026-28493 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ImageMagick: Heap overflow in pcd decoder leads to out of bounds read. Moderate
CVE-2026-26284 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has heap buffer overflow in YUV 4:2:2 decoder Moderate
CVE-2026-25986 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
ImageMagick has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage) Moderate
CVE-2026-25982 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
marckwei Credited to marckwei
ImageMagick: MSL - Stack overflow in ProcessMSLScript Moderate
CVE-2026-25971 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
unbengable12 Credited to unbengable12
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption Moderate
CVE-2026-25970 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
ylwango613 Credited to ylwango613
Umbraco has Stored XSS in UFM Rendering Pipeline via Permissive DOMPurify Attribute Filtering Moderate
CVE-2026-31833 was published for Umbraco.Cms (NuGet) Mar 11, 2026
odgrso Credited to odgrso
Umbraco Backoffice API Allows Unauthorized Modification of Domain Data Moderate
CVE-2026-31832 was published for Umbraco.Cms (NuGet) Mar 11, 2026
odgrso Credited to odgrso
ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder Moderate
CVE-2026-31853 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 10, 2026
Mcsky23 Credited to Mcsky23
ImageMagick is vulnerable to Heap Overflow when writing extremely large image profile in the PNG encoder Moderate
CVE-2026-30883 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 10, 2026
Mcsky23 Credited to Mcsky23
ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder Moderate
CVE-2026-28692 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 10, 2026
ylwango613 Credited to ylwango613
ImageMagick has a Path Policy TOCTOU symlink race bypass Moderate
CVE-2026-28689 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 10, 2026
andsopwn Credited to andsopwn
MimeKit has CRLF Injection in Quoted Local-Part that Enables SMTP Command Injection and Email Forgery Moderate
CVE-2026-30227 was published for MimeKit (NuGet) Mar 5, 2026
KC1zs4 Credited to KC1zs4
ImageMagick has a heap Buffer Over-read in its DJVU image format handler Moderate
CVE-2026-27799 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images Moderate
CVE-2026-27798 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
ImageMagick: Invalid MSL <map> can result in a use after free Moderate
CVE-2026-26983 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database