Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,272
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,521
Pub
12
RubyGems
1,007
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,074 advisories

Loading
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through... High Unreviewed
CVE-2026-26829 was published Mar 23, 2026
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone... High Unreviewed
CVE-2026-26828 was published Mar 23, 2026
Ella Core panics on malformed NGAP Location Report High
CVE-2026-33282 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference High
CVE-2026-33064 was published for github.com/free5gc/udm (Go) Mar 18, 2026
free5GC AUSF UE Authentication Panic on Nil SuciSupiMap Interface Conversion High
CVE-2026-33063 was published for github.com/free5gc/ausf (Go) Mar 18, 2026
arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the... High Unreviewed
CVE-2026-28522 was published Mar 16, 2026
Traefik: HTTP/2 frames can cause a running server to panic High
GHSA-4hjq-9h5c-252j was published for github.com/traefik/traefik/v2 (Go) Mar 12, 2026
WolverMinion Credited to WolverMinion
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized... High Unreviewed
CVE-2026-24293 was published Mar 10, 2026
Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate... High Unreviewed
CVE-2026-25165 was published Mar 10, 2026
In some cases, the `tcp-setmss` handler may free the packet data and throw an error without... High Unreviewed
CVE-2025-14769 was published Mar 9, 2026
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580,... High Unreviewed
CVE-2025-62817 was published Mar 3, 2026
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A... High Unreviewed
CVE-2025-62814 was published Mar 3, 2026
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic High Unreviewed
CVE-2026-27141 was published Feb 26, 2026
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. ... High Unreviewed
CVE-2026-2507 was published Feb 18, 2026
A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON... High Unreviewed
CVE-2025-70954 was published Feb 14, 2026
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an... High Unreviewed
CVE-2026-21243 was published Feb 10, 2026
Null pointer dereference in the firmware for some Intel(R) AMT and Intel(R) Standard... High Unreviewed
CVE-2025-20080 was published Feb 10, 2026
A NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) of monkey... High Unreviewed
CVE-2025-63655 was published Jan 29, 2026
The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests... High Unreviewed
CVE-2026-0918 was published Jan 27, 2026
Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the... High Unreviewed
CVE-2025-69421 was published Jan 27, 2026
NULL Pointer Dereference vulnerability in abcz316 SKRoot-linuxKernelRoot (testRoot/jni/utils... High Unreviewed
CVE-2026-24813 was published Jan 27, 2026
Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in... High Unreviewed
CVE-2025-66720 was published Jan 23, 2026
A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted... High Unreviewed
CVE-2026-0710 was published Jan 23, 2026
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server... High Unreviewed
CVE-2025-57155 was published Jan 20, 2026
A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit... High Unreviewed
CVE-2025-63647 was published Jan 20, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database