Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

285 advisories

Loading
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose... Moderate Unreviewed
CVE-2025-54901 was published Sep 9, 2025
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed
CVE-2025-53796 was published Sep 9, 2025
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed
CVE-2025-53797 was published Sep 9, 2025
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized... Moderate Unreviewed
CVE-2025-53798 was published Sep 9, 2025
A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due... High Unreviewed
CVE-2025-36855 was published Sep 8, 2025
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information... Moderate Unreviewed
CVE-2025-53736 was published Aug 12, 2025
Transient DOS while processing a frame with malformed shared-key descriptor. High Unreviewed
CVE-2025-27065 was published Aug 6, 2025
Memory corruption while processing an IOCTL command with an arbitrary address. High Unreviewed
CVE-2025-27068 was published Aug 6, 2025
Information disclosure while opening a fastrpc session when domain is not sanitized. Moderate Unreviewed
CVE-2025-21457 was published Aug 6, 2025
Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. Moderate Unreviewed
CVE-2025-7745 was published Jul 25, 2025
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information... Moderate Unreviewed
CVE-2025-49684 was published Jul 8, 2025
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49659 was published Jul 8, 2025
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-47971 was published Jul 8, 2025
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-47973 was published Jul 8, 2025
Transient DOS while handling beacon frames with invalid IE header length. High Unreviewed
CVE-2025-27057 was published Jul 8, 2025
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN... High Unreviewed
CVE-2025-21446 was published Jul 8, 2025
Transient DOS while processing received beacon frame. High Unreviewed
CVE-2025-21454 was published Jul 8, 2025
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet... High Unreviewed
CVE-2025-21427 was published Jul 8, 2025
Transient DOS may occur while processing malformed length field in SSID IEs. High Unreviewed
CVE-2025-21449 was published Jul 8, 2025
Memory corruption during the image encoding process. High Unreviewed
CVE-2025-27055 was published Jul 8, 2025
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose... Moderate Unreviewed
CVE-2025-24068 was published Jun 10, 2025
Transient DOS while processing the tone measurement response buffer when the response buffer is... High Unreviewed
CVE-2025-27029 was published Jun 3, 2025
Transient DOS while processing the EHT operation IE in the received beacon frame. High Unreviewed
CVE-2025-21463 was published Jun 3, 2025
Information disclosure may occur while decoding the RTP packet with improper header length for... High Unreviewed
CVE-2024-53019 was published Jun 3, 2025
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. High Unreviewed
CVE-2024-53026 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database