Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
45
GitHub Actions
47
Go
3,309
Maven
5,000+
npm
5,000+
NuGet
876
pip
4,530
Pub
12
RubyGems
1,009
Rust
1,195
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

287 advisories

Loading
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP... High Unreviewed
CVE-2026-25075 was published Mar 23, 2026
Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer... Low Unreviewed
CVE-2026-1005 was published Mar 19, 2026
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content... Moderate Unreviewed
CVE-2026-2369 was published Mar 19, 2026
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-3084 was published Mar 16, 2026
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value... High Unreviewed
CVE-2026-32775 was published Mar 16, 2026
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to... High Unreviewed
CVE-2026-3538 was published Mar 4, 2026
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of... Moderate Unreviewed
CVE-2026-23748 was published Feb 26, 2026
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database... High Unreviewed
CVE-2026-3172 was published Feb 25, 2026
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and... Low Unreviewed
CVE-2025-14547 was published Feb 20, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48021 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-1924 was published Feb 13, 2026
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential... Moderate Unreviewed
CVE-2026-23069 was published Feb 4, 2026
In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2... High Unreviewed
CVE-2025-62291 was published Jan 16, 2026
An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of... High Unreviewed
CVE-2025-67269 was published Jan 2, 2026
Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny... Moderate Unreviewed
CVE-2025-62567 was published Dec 9, 2025
An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may... Moderate Unreviewed
CVE-2025-59368 was published Nov 25, 2025
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit... Low Unreviewed
CVE-2025-11931 was published Nov 22, 2025
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string(... High Unreviewed
CVE-2025-64076 was published Nov 18, 2025
Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2025-61835 was published Nov 11, 2025
Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2025-61836 was published Nov 11, 2025
Illustrator on iPad versions 3.0.9 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2025-61826 was published Nov 11, 2025
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma:... Moderate Unreviewed
CVE-2022-49650 was published Oct 23, 2025
In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent... Moderate Unreviewed
CVE-2022-49199 was published Oct 21, 2025
An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due... High Unreviewed
CVE-2025-62495 was published Oct 16, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an... Moderate Unreviewed
CVE-2023-53679 was published Oct 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database