Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,872
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,243 advisories

Loading
There's a vulnerability in the libssh package where when a libssh consumer passes in an... Moderate Unreviewed
CVE-2025-4877 was published Aug 20, 2025
Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using... Moderate Unreviewed
CVE-2025-26403 was published Aug 12, 2025
Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows... Moderate Unreviewed
CVE-2025-21021 was published Aug 6, 2025
Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2... Moderate Unreviewed
CVE-2025-21017 was published Aug 6, 2025
Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2... Moderate Unreviewed
CVE-2025-21020 was published Aug 6, 2025
Out-of-bounds array access vulnerability in the ArkUI framework. Impact: Successful exploitation... Moderate Unreviewed
CVE-2025-54616 was published Aug 6, 2025
An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480,... Moderate Unreviewed
CVE-2024-45183 was published Aug 4, 2025
Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially... Moderate Unreviewed
CVE-2025-48499 was published Aug 4, 2025
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2025-20696 was published Aug 4, 2025
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-20698 was published Aug 4, 2025
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2025-20697 was published Aug 4, 2025
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in... Moderate Unreviewed
CVE-2025-8197 was published Jul 25, 2025
The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of... Moderate Unreviewed
CVE-2025-3873 was published Jul 25, 2025
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device... Moderate Unreviewed
CVE-2025-41679 was published Jul 21, 2025
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a... Moderate Unreviewed
CVE-2024-42648 was published Jul 14, 2025
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in... Moderate Unreviewed
CVE-2025-7519 was published Jul 14, 2025
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy... Moderate Unreviewed
CVE-2025-5451 was published Jul 8, 2025
Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows... Moderate Unreviewed
CVE-2025-21007 was published Jul 8, 2025
Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1... Moderate Unreviewed
CVE-2025-20982 was published Jul 8, 2025
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1... Moderate Unreviewed
CVE-2025-20983 was published Jul 8, 2025
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR... Moderate Unreviewed
CVE-2025-42971 was published Jul 8, 2025
A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug... Moderate Unreviewed
CVE-2025-6035 was published Jun 13, 2025
A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714... Moderate Unreviewed
CVE-2025-5502 was published Jun 3, 2025
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0... Moderate Unreviewed
CVE-2024-49350 was published May 29, 2025
A vulnerability, which was classified as critical, has been found in SourceCodester Computer... Moderate Unreviewed
CVE-2025-5297 was published May 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database