Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,942
Erlang
39
GitHub Actions
38
Go
2,599
Maven
5,000+
npm
4,249
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
imagemagick: integer overflows in MNG magnification High
CVE-2025-55154 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
Withdrawn Advisory: NULL Pointer Dereference in Protocol Buffers High
CVE-2021-22570 was published for Google.Protobuf (Composer) Jan 27, 2022 withdrawn
joshbressers
Credited to joshbressers
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow High
CVE-2025-57803 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
mescuwa
Credited to mescuwa
Out-of-bounds Write in Chakra High
CVE-2020-17131 was published for Microsoft.ChakraCore (NuGet) Apr 13, 2021
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
anlakii
Credited to anlakii
ImageMagick has a Stack Buffer Overflow in image.c High
CVE-2025-53101 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip YutoIn
iwashiira utshina
Credited to momo-trip, YutoIn, iwashiira, and utshina
Amazon.IonDotnet is vulnerable to Denial of Service attacks High
CVE-2025-11573 was published for Amazon.IonDotnet (NuGet) Oct 9, 2025
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution High
CVE-2025-55298 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
leehohojune hanbunny
jin-156 amethyst0225
Credited to leehohojune, hanbunny, jin-156, and amethyst0225
PowerShell Elevation of Privilege Vulnerability High
CVE-2022-26788 was published for Microsoft.PowerShell.SDK (NuGet) Apr 16, 2022
mgsymonds
Credited to mgsymonds
Infinite loop condition in Amazon.IonDotnet High
CVE-2025-3857 was published for Amazon.IonDotnet (NuGet) Apr 21, 2025
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 withdrawn
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
ChakraCore RCE Vulnerability High
CVE-2016-7201 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2016-7200 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8298 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability High
CVE-2020-1147 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
Credited to mkilgore
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability High
CVE-2025-24070 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Mar 11, 2025
dwelch2344 udlose
rbhanda
Credited to dwelch2344, udlose, and rbhanda
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database