GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
510 advisories
Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges...
Critical, Unreviewed. CVE-2025-64656 was published Nov 26, 2025

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line,...
Critical, Unreviewed. CVE-2017-7753 was published May 14, 2022

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio...
Critical, Unreviewed. CVE-2017-7758 was published May 14, 2022

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML...
Critical, Unreviewed. CVE-2025-49796 was published Jun 16, 2025

This vulnerability allows remote attackers to disclose sensitive information on affected...
Critical, Unreviewed. CVE-2022-23123 was published Mar 28, 2023

This vulnerability allows remote attackers to disclose sensitive information on affected...
Critical, Unreviewed. CVE-2022-23124 was published Mar 28, 2023

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An...
Critical, Unreviewed. CVE-2023-40436 was published Sep 27, 2023

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled ...
Critical, Unreviewed. CVE-2021-43302 was published Feb 17, 2022

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2025-24265 was published Apr 1, 2025

The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.7.5,...
Critical, Unreviewed. CVE-2025-24256 was published Apr 1, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2025-30458 was published Apr 1, 2025

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Critical, Unreviewed. CVE-2024-54506 was published Dec 12, 2024

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported...
Critical, Unreviewed. CVE-2024-5535 was published Jun 27, 2024

Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component...
Critical, Unreviewed. CVE-2022-26280 was published Mar 30, 2022

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer...
Critical, Unreviewed. CVE-2025-57052 was published Sep 3, 2025

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in...
Critical, Unreviewed. CVE-2025-24230 was published Apr 1, 2025

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2025-24196 was published Apr 1, 2025

An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable...
Critical, Unreviewed. CVE-2025-1932 was published Mar 4, 2025

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3,...
Critical, Unreviewed. CVE-2025-24162 was published Jan 28, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2025-24093 was published Jan 28, 2025

An attacker who submits a crafted tar file with size in header struct being 0 may be able to...
Critical, Unreviewed. CVE-2021-33643 was published Aug 11, 2022

FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8...
Critical, Unreviewed. CVE-2024-35367 was published Nov 29, 2024

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS...
Critical, Unreviewed. CVE-2024-37371 was published Jun 29, 2024

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of...
Critical, Unreviewed. CVE-2021-42374 was published May 24, 2022

An out-of-bounds read vulnerability has been discovered in Monkey's Audio 11.31, specifically in...
Critical, Unreviewed. CVE-2025-61043 was published Oct 28, 2025

ProTip! Advisories are also available from the GraphQL API