Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,234
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,506
Pub
12
RubyGems
996
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Memory Corruption when adding user-supplied data without checking available buffer space. High Unreviewed
CVE-2025-59600 was published Mar 2, 2026
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization ... High Unreviewed
CVE-2026-28364 was published Feb 27, 2026
ImageMagick has a heap Buffer Over-read in its DJVU image format handler Moderate
CVE-2026-27799 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images Moderate
CVE-2026-27798 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 25, 2026
ylwango613 Credited to ylwango613
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows... Moderate Unreviewed
CVE-2026-3203 was published Feb 25, 2026
Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. High Unreviewed
CVE-2026-20846 was published Feb 10, 2026
Transient DOS when processing a received frame with an excessively large authentication... Moderate Unreviewed
CVE-2025-47402 was published Feb 2, 2026
A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit... High Unreviewed
CVE-2025-66692 was published Jan 20, 2026
A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos... High Unreviewed
CVE-2025-60003 was published Jan 15, 2026
Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element. Moderate Unreviewed
CVE-2025-47395 was published Jan 7, 2026
Transient DOS while parsing video packets received from the video firmware. Moderate Unreviewed
CVE-2025-47330 was published Jan 7, 2026
Information disclosure while processing a firmware event. Moderate Unreviewed
CVE-2025-47331 was published Jan 7, 2026
Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to... High Unreviewed
CVE-2025-62467 was published Dec 9, 2025
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed
CVE-2025-62473 was published Dec 9, 2025
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to... High Unreviewed
CVE-2025-62461 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62462 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62464 was published Dec 9, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... High Unreviewed
CVE-2025-62560 was published Dec 9, 2025
Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to... Critical Unreviewed
CVE-2025-12106 was published Dec 1, 2025
A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write... High Unreviewed
CVE-2025-63602 was published Nov 18, 2025
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-60720 was published Nov 11, 2025
Information disclosure while processing message from client with invalid payload. Moderate Unreviewed
CVE-2025-47362 was published Nov 4, 2025
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM... High Unreviewed
CVE-2025-47368 was published Nov 4, 2025
Information disclosure while registering commands from clients with diag through diagHal. Moderate Unreviewed
CVE-2025-27064 was published Nov 4, 2025
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function Moderate Unreviewed
CVE-2025-60729 was published Oct 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database