Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,630
Maven
5,000+
npm
5,000+
NuGet
928
pip
4,850
Pub
13
RubyGems
1,045
Rust
1,301
Swift
53
Unreviewed advisories
All unreviewed
5,000+

134 advisories

Loading
nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals High
CVE-2026-34065 was published for nimiq-primitives (Rust) Apr 22, 2026
1seal Credited to 1seal and paberr paberr paberr
uutils coreutils has an Unchecked Return Value Issue Low
CVE-2026-35344 was published for coreutils (Rust) Apr 22, 2026
Withdrawn Advisory: Kirby CMS has Persistent DoS via Malformed Image Upload Moderate
CVE-2026-29905 was published for getkirby/cms (Composer) Mar 27, 2026 withdrawn
Stalin-143 Credited to Stalin-143 and lukasbestle lukasbestle lukasbestle
ImageMagick has uninitialized pointer dereference in JBIG decoder High
CVE-2026-28691 was published for Magick.NET-Q16-AnyCPU (NuGet) Mar 12, 2026
zerojackyi Credited to zerojackyi
sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest High
CVE-2026-31830 was published for sigstore (RubyGems) Mar 11, 2026
hanazuki Credited to hanazuki
Nokogiri does not check the return value from xmlC14NExecute Moderate
GHSA-wx95-c6cv-8532 was published for nokogiri (RubyGems) Feb 18, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18... High Unreviewed
CVE-2026-0723 was published Jan 22, 2026
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX... High Unreviewed
CVE-2026-21920 was published Jan 15, 2026
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and... High Unreviewed
CVE-2026-0421 was published Jan 15, 2026
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values Critical
CVE-2025-66565 was published for github.com/gofiber/utils (Go) Dec 8, 2025
sixcolors Credited to sixcolors
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of... Moderate Unreviewed
CVE-2025-11839 was published Oct 16, 2025
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2025-61935 was published Oct 15, 2025
An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3... Low Unreviewed
CVE-2025-58903 was published Oct 14, 2025
An unchecked return value in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy... Moderate Unreviewed
CVE-2025-55146 was published Sep 9, 2025
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check... Moderate Unreviewed
CVE-2025-38602 was published Aug 19, 2025
Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet... Moderate Unreviewed
CVE-2025-1394 was published Jul 30, 2025
In the Linux kernel, the following vulnerability has been resolved: ACPI: PPTT: Fix to avoid... Moderate Unreviewed
CVE-2023-53070 was published May 2, 2025
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially... Low Unreviewed
CVE-2025-46672 was published Apr 27, 2025
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the... Moderate Unreviewed
CVE-2025-22026 was published Apr 16, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the... Moderate Unreviewed
CVE-2025-32414 was published Apr 8, 2025
An attacker with low privileges can manipulate the requested memory size, causing the application... Moderate Unreviewed
CVE-2024-12650 was published Mar 5, 2025
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over... High Unreviewed
CVE-2025-1933 was published Mar 4, 2025
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return... Moderate Unreviewed
CVE-2025-25724 was published Mar 2, 2025
A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc()... Moderate Unreviewed
CVE-2024-45775 was published Feb 18, 2025
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a... High Unreviewed
CVE-2024-45419 was published Nov 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database