Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
41
GitHub Actions
41
Go
3,100
Maven
5,000+
npm
4,993
NuGet
826
pip
4,425
Pub
12
RubyGems
988
Rust
1,170
Swift
50
Unreviewed advisories
All unreviewed
5,000+

4,504 advisories

Loading
OliveTin has crash on NPE by calling APIs with invalid bindings or log references Moderate
GHSA-fwhj-785h-43hh was published for github.com/OliveTin/OliveTin (Go) Mar 5, 2026
maru1009 Credited to maru1009
Sliver is Vulnerable to Authenticated Nil-Pointer Dereference through its Handlers Low
CVE-2026-29781 was published for github.com/bishopfox/sliver (Go) Mar 5, 2026
skoveit Credited to skoveit
A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an... Moderate Unreviewed
CVE-2026-20064 was published Mar 4, 2026
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580,... High Unreviewed
CVE-2025-62817 was published Mar 3, 2026
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A... High Unreviewed
CVE-2025-62814 was published Mar 3, 2026
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A... Moderate Unreviewed
CVE-2025-62815 was published Mar 3, 2026
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic High Unreviewed
CVE-2026-27141 was published Feb 26, 2026
A malicious actor with authenticated user privileges on a Windows based Workstation host may be... Moderate Unreviewed
CVE-2026-22722 was published Feb 26, 2026
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service Moderate Unreviewed
CVE-2026-3202 was published Feb 25, 2026
ImageMagick: Invalid MSL <map> can result in a use after free Moderate
CVE-2026-26983 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image Moderate
CVE-2026-25798 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick has NULL pointer dereference in ReadSFWImage after DestroyImageInfo (sfw.c) Moderate
CVE-2026-25795 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker... Moderate Unreviewed
CVE-2026-0401 was published Feb 24, 2026
A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B... Moderate Unreviewed
CVE-2025-11848 was published Feb 24, 2026
A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B... Moderate Unreviewed
CVE-2025-11847 was published Feb 24, 2026
A null pointer dereference vulnerability in the certificate downloader CGI program of the Zyxel... Moderate Unreviewed
CVE-2025-11845 was published Feb 24, 2026
A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625... Moderate Unreviewed
CVE-2025-11846 was published Feb 24, 2026
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component... Moderate Unreviewed
CVE-2025-61143 was published Feb 23, 2026
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter... Moderate Unreviewed
CVE-2025-10256 was published Feb 18, 2026
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. ... High Unreviewed
CVE-2026-2507 was published Feb 18, 2026
A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON... High Unreviewed
CVE-2025-70954 was published Feb 14, 2026
SurrealDB vulnerable to Denial of Service through scripting function memory edge case Moderate
GHSA-xx7m-69ff-9crp was published for surrealdb (Rust) Feb 12, 2026
LucyEgan Credited to LucyEgan
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Low Unreviewed
CVE-2025-59386 was published Feb 11, 2026
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote... Low Unreviewed
CVE-2025-58472 was published Feb 11, 2026
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating... Low Unreviewed
CVE-2025-66274 was published Feb 11, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database