GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
164 advisories
Filter by severity
NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in...
High
Unreviewed
CVE-2026-29645
was published
Apr 20, 2026
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can...
Moderate
Unreviewed
CVE-2026-40918
was published
Apr 15, 2026
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-4152
was published
Apr 11, 2026
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of...
Critical
Unreviewed
CVE-2026-20911
was published
Apr 7, 2026
NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker...
Moderate
Unreviewed
CVE-2025-33216
was published
Mar 24, 2026
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability...
High
Unreviewed
CVE-2026-4695
was published
Mar 24, 2026
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder...
Moderate
Unreviewed
CVE-2019-25555
was published
Mar 21, 2026
A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange...
High
Unreviewed
CVE-2026-20049
was published
Mar 4, 2026
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2026-2047
was published
Feb 21, 2026
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by...
Moderate
Unreviewed
CVE-2026-2738
was published
Feb 19, 2026
IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to...
Moderate
Unreviewed
CVE-2025-33124
was published
Feb 17, 2026
In the Eclipse OMR port library component since release 0.2.0, an API function to return the...
Moderate
Unreviewed
CVE-2026-1188
was published
Jan 29, 2026
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a...
High
Unreviewed
CVE-2025-62550
was published
Dec 9, 2025
A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw...
Moderate
Unreviewed
CVE-2025-61661
was published
Nov 18, 2025
Memory corruption while processing a GP command response.
High
Unreviewed
CVE-2025-27074
was published
Nov 4, 2025
IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, 5.1, 6...
Moderate
Unreviewed
CVE-2025-33126
was published
Oct 28, 2025
Memory corruption during PlayReady APP usecase while processing TA commands.
High
Unreviewed
CVE-2025-27053
was published
Oct 9, 2025
ImageMagick BlobStream Forward-Seek Under-Allocation
Low
CVE-2025-57807
was published
for
Magick.NET-Q16-HDRI-OpenMP-arm64
(NuGet)
Sep 5, 2025
An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of...
High
Unreviewed
CVE-2025-52955
was published
Jul 11, 2025
Memory corruption while processing video packets received from video firmware.
High
Unreviewed
CVE-2025-27042
was published
Jul 8, 2025
OpenVM allows the byte decomposition of pc in AUIPC chip to overflow
High
CVE-2025-46723
was published
for
openvm
(Rust)
May 5, 2025
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading...
Moderate
Unreviewed
CVE-2025-46688
was published
Apr 27, 2025
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after...
Low
Unreviewed
CVE-2025-43965
was published
Apr 23, 2025
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled ...
Low
Unreviewed
CVE-2025-46393
was published
Apr 23, 2025
In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could...
High
Unreviewed
CVE-2025-30334
was published
Mar 20, 2025
ProTip!
Advisories are also available from the
GraphQL API