Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,930
Maven
5,000+
npm
4,587
NuGet
786
pip
4,294
Pub
12
RubyGems
981
Rust
1,114
Swift
49
Unreviewed advisories
All unreviewed
5,000+

4,428 advisories

Loading
Address read vulnerability in the communication module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2026-24918 was published Feb 6, 2026
Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2026-24929 was published Feb 6, 2026
git2 has potential undefined behavior when dereferencing Buf struct Low
GHSA-j39j-6gw9-jw6h was published for git2 (Rust) Feb 4, 2026
A NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) of monkey... High Unreviewed
CVE-2025-63655 was published Jan 29, 2026
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service ... Moderate Unreviewed
CVE-2026-23565 was published Jan 29, 2026
NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a... Moderate Unreviewed
CVE-2025-33237 was published Jan 28, 2026
In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success... Low Unreviewed
CVE-2026-24883 was published Jan 27, 2026
The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests... High Unreviewed
CVE-2026-0918 was published Jan 27, 2026
Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the... High Unreviewed
CVE-2025-69421 was published Jan 27, 2026
Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client... Moderate Unreviewed
CVE-2025-15468 was published Jan 27, 2026
Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a... Moderate Unreviewed
CVE-2025-11187 was published Jan 27, 2026
NULL Pointer Dereference vulnerability in visualfc liteide (liteidex/src/3rdparty/libvterm/src... Moderate Unreviewed
CVE-2026-24805 was published Jan 27, 2026
NULL Pointer Dereference vulnerability in abcz316 SKRoot-linuxKernelRoot (testRoot/jni/utils... High Unreviewed
CVE-2026-24813 was published Jan 27, 2026
A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function... Moderate Unreviewed
CVE-2026-1417 was published Jan 26, 2026
A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2026-1416 was published Jan 26, 2026
A vulnerability was identified in GPAC up to 2.4.0. Affected is the function... Moderate Unreviewed
CVE-2026-1415 was published Jan 26, 2026
Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in... High Unreviewed
CVE-2025-66720 was published Jan 23, 2026
In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler... Low Unreviewed
CVE-2026-24515 was published Jan 23, 2026
A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted... High Unreviewed
CVE-2026-0710 was published Jan 23, 2026
Rekor's COSE v0.0.1 entry type nil pointer dereference in Canonicalize via empty Message Moderate
CVE-2026-23831 was published for github.com/sigstore/rekor (Go) Jan 22, 2026
1seal
Credited to 1seal
ImageMagick has a NULL pointer dereference in MSL parser via <comment> tag before image load Moderate
CVE-2026-23952 was published for Magick.NET-Q16-AnyCPU (NuGet) Jan 21, 2026
OwenSanzas
Credited to OwenSanzas
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server... High Unreviewed
CVE-2025-57155 was published Jan 20, 2026
A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit... High Unreviewed
CVE-2025-63647 was published Jan 20, 2026
A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of... High Unreviewed
CVE-2025-63648 was published Jan 20, 2026
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in... High Unreviewed
CVE-2025-57156 was published Jan 20, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database