GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,652 advisories
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High | Unreviewed | CVE-2025-43300 was published Aug 21, 2025

Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to...
High | Unreviewed | CVE-2025-9132 was published Aug 20, 2025

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug...
Moderate | Unreviewed | CVE-2025-6035 was published Jun 13, 2025

There's a vulnerability in the libssh package where when a libssh consumer passes in an...
Moderate | Unreviewed | CVE-2025-4877 was published Aug 20, 2025

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17...
High | Unreviewed | CVE-2025-2900 was published May 14, 2025

A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2025-7675 was published Jul 29, 2025

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2025-6631 was published Jul 29, 2025

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2025-6637 was published Jul 29, 2025

A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based...
High | Unreviewed | CVE-2025-1651 was published Mar 13, 2025

A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds...
High | Unreviewed | CVE-2025-6633 was published Aug 6, 2025

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2025-7497 was published Jul 29, 2025

A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory...
High | Unreviewed | CVE-2025-1277 was published Apr 15, 2025

A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based...
High | Unreviewed | CVE-2025-2497 was published Apr 15, 2025

A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a...
High | Unreviewed | CVE-2025-1656 was published Apr 15, 2025

A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can...
High | Unreviewed | CVE-2025-1275 was published Apr 15, 2025

A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds...
High | Unreviewed | CVE-2025-1274 was published Apr 15, 2025

A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a...
High | Unreviewed | CVE-2025-1273 was published Apr 15, 2025

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory...
High | Unreviewed | CVE-2025-1660 was published Apr 1, 2025

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an...
High | Unreviewed | CVE-2025-1276 was published Apr 15, 2025

A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory...
High | Unreviewed | CVE-2025-1430 was published Mar 13, 2025

A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based...
High | Unreviewed | CVE-2025-1429 was published Mar 13, 2025

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204,...
High | Unreviewed | CVE-2025-53705 was published Aug 18, 2025

MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-44428 was published May 3, 2024

An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote...
High | Unreviewed | CVE-2025-47206 was published Aug 18, 2025

CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
High | Unreviewed | CVE-2021-30186 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.