Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,232 advisories

Loading
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing... Moderate Unreviewed
CVE-2025-14104 was published Dec 5, 2025
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF... Moderate Unreviewed
CVE-2025-58113 was published Dec 2, 2025
In display, there is a possible out of bounds read due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2025-20776 was published Dec 2, 2025
In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2025-20759 was published Dec 2, 2025
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical... Moderate Unreviewed
CVE-2025-58476 was published Dec 2, 2025
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote... Moderate Unreviewed
CVE-2025-58479 was published Dec 2, 2025
FeehiCMS fails to enforce server-side immutability Moderate
CVE-2025-63523 was published for feehi/feehicms (Composer) Dec 1, 2025
An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the... Moderate Unreviewed
CVE-2025-41739 was published Dec 1, 2025
Vulnerability of accessing invalid memory in the component driver module. Impact: Successful... Moderate Unreviewed
CVE-2025-58314 was published Nov 28, 2025
golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read Moderate
CVE-2025-47914 was published for golang.org/x/crypto (Go) Nov 19, 2025
leonklingele
Credited to leonklingele
Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a... Moderate Unreviewed
CVE-2024-11920 was published Nov 14, 2025
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Moderate Unreviewed
CVE-2025-43205 was published Nov 12, 2025
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability... Moderate Unreviewed
CVE-2025-61845 was published Nov 11, 2025
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability... Moderate Unreviewed
CVE-2025-61844 was published Nov 11, 2025
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability... Moderate Unreviewed
CVE-2025-61841 was published Nov 11, 2025
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability... Moderate Unreviewed
CVE-2025-61840 was published Nov 11, 2025
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability... Moderate Unreviewed
CVE-2025-61843 was published Nov 11, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-60728 was published Nov 11, 2025
Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to... Moderate Unreviewed
CVE-2025-59513 was published Nov 11, 2025
Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. Moderate Unreviewed
CVE-2025-60706 was published Nov 11, 2025
Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3:... Moderate Unreviewed
CVE-2025-31937 was published Nov 11, 2025
Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote... Moderate Unreviewed
CVE-2025-12725 was published Nov 10, 2025
Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... Moderate Unreviewed
CVE-2025-12443 was published Nov 10, 2025
Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to... Moderate Unreviewed
CVE-2025-12441 was published Nov 10, 2025
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64 Moderate
CVE-2025-57697 was published for AstrBot (pip) Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database