GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,743 advisories
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2026-2045 was published Feb 21, 2026

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2026-2048 was published Feb 21, 2026

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability,...
Moderate | Unreviewed | CVE-2026-2681 was published Feb 19, 2026

WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows...
Critical | Unreviewed | CVE-2019-25362 was published Feb 19, 2026

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this...
Moderate | Unreviewed | CVE-2026-0665 was published Feb 18, 2026

A weakness has been identified in FascinatedBox lily up to 2.3. This vulnerability affects the...
Moderate | Unreviewed | CVE-2026-2662 was published Feb 18, 2026

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out...
High | Unreviewed | CVE-2026-0875 was published Feb 18, 2026

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an...
High | Unreviewed | CVE-2026-0874 was published Feb 18, 2026

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function...
Moderate | Unreviewed | CVE-2026-2644 was published Feb 18, 2026

TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow...
High | Unreviewed | CVE-2026-26732 was published Feb 17, 2026

TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow...
High | Unreviewed | CVE-2026-26736 was published Feb 17, 2026

TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow...
High | Unreviewed | CVE-2026-26731 was published Feb 17, 2026

A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the...
High | Unreviewed | CVE-2026-2567 was published Feb 16, 2026

An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS...
High | Unreviewed | CVE-2026-1335 was published Feb 16, 2026

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
Moderate | Unreviewed | CVE-2026-20616 was published Feb 12, 2026

SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that...
Moderate | Unreviewed | CVE-2020-37208 was published Feb 11, 2026

Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker...
High | Unreviewed | CVE-2026-2314 was published Feb 11, 2026

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially...
High | Unreviewed | CVE-2024-36324 was published Feb 11, 2026

Improper input validation in AMD Graphics Driver could allow a local attacker to write out of...
Moderate | Unreviewed | CVE-2025-48518 was published Feb 11, 2026

An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote...
Moderate | Unreviewed | CVE-2025-30276 was published Feb 11, 2026

Pillow affected by out-of-bounds write when loading PSD images
High | CVE-2026-25990 was published for pillow (pip) Feb 11, 2026

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability...
High | Unreviewed | CVE-2026-21349 was published Feb 10, 2026

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write...
High | Unreviewed | CVE-2024-36355 was published Feb 10, 2026

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that...
High | Unreviewed | CVE-2026-21352 was published Feb 10, 2026

Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy...
Moderate | Unreviewed | CVE-2025-29949 was published Feb 10, 2026

ProTip! Advisories are also available from the GraphQL API.