Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,679
Erlang
34
GitHub Actions
26
Go
2,268
Maven
5,000+
npm
3,923
NuGet
705
pip
3,686
Pub
12
RubyGems
916
Rust
944
Swift
38
Unreviewed advisories
All unreviewed
5,000+

350 advisories

Loading
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag... Low Unreviewed
CVE-2025-43961 was published Apr 21, 2025
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads... Low Unreviewed
CVE-2025-43962 was published Apr 21, 2025
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer... Low Unreviewed
CVE-2025-43963 was published Apr 21, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has... Low Unreviewed
CVE-2025-32415 was published Apr 17, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-27534 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22842 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22452 was published Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-20102 was published Apr 7, 2025
PyO3 Risk of buffer overflow in `PyString::from_object` Low
GHSA-pph8-gcv7-4qj5 was published for pyo3 (Rust) Apr 2, 2025
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-0900 was published Mar 11, 2025
A buffer overread can occur in the CPC application when operating in full duplex SPI upon... Low Unreviewed
CVE-2024-12975 was published Mar 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-23418 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22841 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22847 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-22443 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-20021 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-21089 was published Mar 4, 2025
NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user... Low Unreviewed
CVE-2024-53873 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a... Low Unreviewed
CVE-2024-53871 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a... Low Unreviewed
CVE-2024-53870 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a... Low Unreviewed
CVE-2024-53876 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a... Low Unreviewed
CVE-2024-53872 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a... Low Unreviewed
CVE-2024-53874 was published Feb 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a... Low Unreviewed
CVE-2024-53875 was published Feb 25, 2025
Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB.... Low Unreviewed
CVE-2023-34401 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database