GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,786
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,681
Maven 6,127
npm 4,311
NuGet 760
pip 4,084
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,445

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

109 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature... Critical Unreviewed

CVE-2025-46404 was published Nov 5, 2025

Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11... Critical Unreviewed

CVE-2022-0582 was published Feb 15, 2022

In libarchive 3.6.1, the software does not check for an error after calling calloc function that... Critical Unreviewed

CVE-2022-36227 was published Nov 22, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed

CVE-2017-14625 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode... Critical Unreviewed

CVE-2017-14626 was published May 13, 2022

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. Critical Unreviewed

CVE-2017-14532 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed

CVE-2017-14624 was published May 13, 2022

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders... Critical Unreviewed

CVE-2017-11637 was published May 14, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. Critical Unreviewed

CVE-2017-11125 was published May 13, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. Critical Unreviewed

CVE-2017-11124 was published May 13, 2022

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL... Critical Unreviewed

CVE-2017-3169 was published May 13, 2022

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU... Critical Unreviewed

CVE-2017-7614 was published May 17, 2022

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7... Critical Unreviewed

CVE-2016-5690 was published May 17, 2022

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to... Critical Unreviewed

CVE-2016-5689 was published May 17, 2022

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was... Critical Unreviewed

CVE-2024-11705 was published Nov 26, 2024

An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers... Critical Unreviewed

CVE-2023-46427 was published Mar 9, 2024

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda... Critical Unreviewed

CVE-2024-23080 was published Apr 10, 2024

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial... Critical Unreviewed

CVE-2023-47003 was published Nov 16, 2023

An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial... Critical Unreviewed

CVE-2024-31030 was published May 31, 2024

JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org... Critical Unreviewed

CVE-2024-23078 was published Apr 8, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new... Critical Unreviewed

CVE-2024-35960 was published May 20, 2024

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU... Critical Unreviewed

CVE-2024-27053 was published May 1, 2024

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in... Critical Unreviewed

CVE-2022-36648 was published Aug 22, 2023

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can... Critical Unreviewed

CVE-2021-35068 was published Feb 12, 2022

An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy... Critical Unreviewed

CVE-2023-23087 was published Feb 3, 2023

Previous1…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

109 advisories