GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
211 advisories
Filter by severity
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
High
Unreviewed
CVE-2026-21379
was published
Jul 6, 2026
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to...
High
Unreviewed
CVE-2026-42828
was published
Jun 9, 2026
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker...
High
Unreviewed
CVE-2026-44185
was published
Jun 8, 2026
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
High
Unreviewed
CVE-2026-5260
was published
May 27, 2026
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose...
High
Unreviewed
CVE-2026-34336
was published
May 12, 2026
Buffer Over-read vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server:...
High
Unreviewed
CVE-2026-34059
was published
May 4, 2026
AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c...
High
Unreviewed
CVE-2026-37532
was published
May 1, 2026
rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
High
CVE-2026-41898
was published
for
openssl
(Rust)
Apr 22, 2026
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate...
High
Unreviewed
CVE-2026-26184
was published
Apr 14, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21378
was published
Apr 6, 2026
Transient DOS when receiving a service data frame with excessive length during device matching...
High
Unreviewed
CVE-2026-21381
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21376
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21375
was published
Apr 6, 2026
Memory Corruption when processing auxiliary sensor input/output control commands with...
High
Unreviewed
CVE-2026-21374
was published
Apr 6, 2026
Memory Corruption when retrieving output buffer with insufficient size validation.
High
Unreviewed
CVE-2026-21371
was published
Apr 6, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL...
High
Unreviewed
CVE-2026-21373
was published
Apr 6, 2026
Memory corruption while preprocessing IOCTL request in JPEG driver.
High
Unreviewed
CVE-2025-47390
was published
Apr 6, 2026
Cryptographic issue while copying data to a destination buffer without validating its size.
High
Unreviewed
CVE-2025-47400
was published
Apr 6, 2026
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes...
High
Unreviewed
CVE-2026-21367
was published
Apr 6, 2026
A malicious mail server could send malformed strings with negative lengths, causing the parser to...
High
Unreviewed
CVE-2026-4371
was published
Mar 24, 2026
fido2-lib is vulnerable to DoS via cbor-extract heap buffer over-read in CBOR attestation parsing
High
GHSA-g3qj-j598-cxmq
was published
for
fido2-lib
(npm)
Mar 24, 2026
Memory Corruption when adding user-supplied data without checking available buffer space.
High
Unreviewed
CVE-2025-59600
was published
Mar 2, 2026
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization ...
High
Unreviewed
CVE-2026-28364
was published
Feb 27, 2026
Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.
High
Unreviewed
CVE-2026-20846
was published
Feb 10, 2026
A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit...
High
Unreviewed
CVE-2025-66692
was published
Jan 20, 2026
ProTip!
Advisories are also available from the
GraphQL API