GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,000 advisories
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size...
High
Unreviewed
CVE-2025-6021
was published
Jun 12, 2025
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium,...
High
Unreviewed
CVE-2025-65084
was published
Nov 25, 2025
In the Linux kernel, the following vulnerability has been resolved:
net/sched: mqprio: fix stack...
High
Unreviewed
CVE-2025-38568
was published
Aug 19, 2025
In the Linux kernel, the following vulnerability has been resolved:
staging: media: atomisp: Fix...
High
Unreviewed
CVE-2025-38585
was published
Aug 19, 2025
Zenitel TCIV-3+ is vulnerable to an out-of-bounds write vulnerability, which could allow a...
High
Unreviewed
CVE-2025-64129
was published
Nov 26, 2025
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High
Unreviewed
CVE-2025-43300
was published
Aug 21, 2025
In the Linux kernel, the following vulnerability has been resolved:
iio: fix potential out-of...
High
Unreviewed
CVE-2025-38667
was published
Aug 22, 2025
In the Linux kernel, the following vulnerability has been resolved:
ASoC: mediatek: mt8365-dai...
High
Unreviewed
CVE-2025-38662
was published
Aug 22, 2025
In the Linux kernel, the following vulnerability has been resolved:
io_uring/net: commit partial...
High
Unreviewed
CVE-2025-38730
was published
Sep 5, 2025
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix unbuffered write...
High
Unreviewed
CVE-2025-39723
was published
Sep 5, 2025
In the Linux kernel, the following vulnerability has been resolved:
wifi: brcmfmac: Fix...
High
Unreviewed
CVE-2022-50258
was published
Sep 15, 2025
Mozilla developers and community members reported memory safety bugs present in Firefox 68,...
Critical
Unreviewed
CVE-2019-11740
was published
May 24, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and...
Critical
Unreviewed
CVE-2019-11709
was published
May 24, 2022
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to...
Critical
Unreviewed
CVE-2019-9792
was published
May 24, 2022
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without...
Critical
Unreviewed
CVE-2018-5159
was published
May 14, 2022
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out...
High
Unreviewed
CVE-2018-12379
was published
May 14, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 65,...
Critical
Unreviewed
CVE-2019-9788
was published
May 24, 2022
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics...
Critical
Unreviewed
CVE-2019-11693
was published
May 24, 2022
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own...
High
Unreviewed
CVE-2018-5146
was published
May 14, 2022
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in...
Critical
Unreviewed
CVE-2018-5147
was published
May 14, 2022
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause...
High
Unreviewed
CVE-2025-33189
was published
Nov 25, 2025
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an...
Moderate
Unreviewed
CVE-2025-33190
was published
Nov 25, 2025
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through...
High
Unreviewed
CVE-2018-5129
was published
May 14, 2022
In the Linux kernel, the following vulnerability has been resolved:
HID: cp2112: prevent a...
High
Unreviewed
CVE-2022-50156
was published
Jun 18, 2025
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to...
High
Unreviewed
CVE-2025-11458
was published
Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API