Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

4,557 advisories

Loading
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through... High Unreviewed
CVE-2026-26829 was published Mar 23, 2026
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone... High Unreviewed
CVE-2026-26828 was published Mar 23, 2026
Ella Core panics on malformed ULNASTransport Message without a Request Type Moderate
CVE-2026-33283 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
Ella Core panics on malformed NGAP Location Report High
CVE-2026-33282 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference High
CVE-2026-33064 was published for github.com/free5gc/udm (Go) Mar 18, 2026
free5GC AUSF UE Authentication Panic on Nil SuciSupiMap Interface Conversion High
CVE-2026-33063 was published for github.com/free5gc/ausf (Go) Mar 18, 2026
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT ... Moderate Unreviewed
CVE-2025-13406 was published Mar 17, 2026
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity... Moderate Unreviewed
CVE-2026-32776 was published Mar 16, 2026
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after... Low Unreviewed
CVE-2026-32778 was published Mar 16, 2026
arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the... High Unreviewed
CVE-2026-28522 was published Mar 16, 2026
Traefik: HTTP/2 frames can cause a running server to panic High
GHSA-4hjq-9h5c-252j was published for github.com/traefik/traefik/v2 (Go) Mar 12, 2026
WolverMinion Credited to WolverMinion
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-27217 was published Mar 10, 2026
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-27218 was published Mar 10, 2026
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-21364 was published Mar 10, 2026
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-27215 was published Mar 10, 2026
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-27214 was published Mar 10, 2026
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference... Moderate Unreviewed
CVE-2026-21363 was published Mar 10, 2026
Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny... Moderate Unreviewed
CVE-2026-25168 was published Mar 10, 2026
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized... High Unreviewed
CVE-2026-24293 was published Mar 10, 2026
Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate... High Unreviewed
CVE-2026-25165 was published Mar 10, 2026
A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet FortiWeb 8.0.0... Low Unreviewed
CVE-2026-24641 was published Mar 10, 2026
In some cases, the `tcp-setmss` handler may free the packet data and throw an error without... High Unreviewed
CVE-2025-14769 was published Mar 9, 2026
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing... Moderate Unreviewed
CVE-2025-69649 was published Mar 6, 2026
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free... Moderate Unreviewed
CVE-2025-69651 was published Mar 6, 2026
OliveTin has crash on NPE by calling APIs with invalid bindings or log references Moderate
GHSA-fwhj-785h-43hh was published for github.com/OliveTin/OliveTin (Go) Mar 5, 2026
maru1009 Credited to maru1009
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database