Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

40 advisories

Loading
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL... High Unreviewed
CVE-2025-46407 was published Aug 26, 2025
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL... High Unreviewed
CVE-2025-52930 was published Aug 26, 2025
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-52456 was published Aug 26, 2025
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-32468 was published Aug 26, 2025
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL... High Unreviewed
CVE-2025-53510 was published Aug 26, 2025
A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20263 was published Aug 14, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... High Unreviewed
CVE-2025-23326 was published Aug 6, 2025
Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54623 was published Aug 6, 2025
A memory corruption vulnerability exists in the Shared String Table Record Parser implementation... High Unreviewed
CVE-2024-48877 was published Jun 2, 2025
Memory corruption while transmitting packet mapping information with invalid header payload size. High Unreviewed
CVE-2025-21442 was published Apr 7, 2025
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-58107 was published Apr 7, 2025
Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation... Low Unreviewed
CVE-2024-57956 was published Feb 6, 2025
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact:... High Unreviewed
CVE-2024-56451 was published Jan 8, 2025
Memory corruption while processing voice packet with arbitrary data received from ADSP. High Unreviewed
CVE-2024-38422 was published Nov 4, 2024
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer... Moderate Unreviewed
CVE-2024-6381 was published Jul 2, 2024
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger... Critical Unreviewed
CVE-2024-33078 was published May 1, 2024
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. High Unreviewed
CVE-2024-21454 was published Apr 1, 2024
Memory corruption while allocating memory for graphics. High Unreviewed
CVE-2024-21470 was published Apr 1, 2024
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()... High Unreviewed
CVE-2024-2608 was published Mar 19, 2024
An issue in Wireshark team Wireshark before v.4.2.0 allows a remote attacker to cause a denial of... High Unreviewed
CVE-2024-24478 was published Feb 21, 2024
Memory corruption while loading an ELF segment in TEE Kernel. High Unreviewed
CVE-2023-28585 was published Dec 5, 2023
Memory corruption in HLOS while invoking IOCTL calls from user-space. High Unreviewed
CVE-2023-33022 was published Dec 5, 2023
Memory corruption while using the UIM diag command to get the operators name. High Unreviewed
CVE-2023-33018 was published Dec 5, 2023
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an... Moderate Unreviewed
CVE-2023-22305 was published Nov 14, 2023
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out... High Unreviewed
CVE-2023-37536 was published Oct 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database