Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,291 advisories

Loading
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a... Moderate Unreviewed
CVE-2024-42648 was published Jul 14, 2025
A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4... Moderate Unreviewed
CVE-2025-24477 was published Jul 15, 2025
A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5... High Unreviewed
CVE-2025-4657 was published Jul 17, 2025
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote,... High Unreviewed
CVE-2025-40597 was published Jul 23, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo... Moderate Unreviewed
CVE-2025-51089 was published Jul 24, 2025
A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force... High Unreviewed
CVE-2025-5043 was published Jul 29, 2025
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS... High Unreviewed
CVE-2025-31280 was published Jul 30, 2025
OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size High
CVE-2025-48071 was published for OpenEXR (pip) Jul 31, 2025
suidpit TheZ3ro
ndaprela smaury
Credited to suidpit, TheZ3ro, ndaprela, and smaury
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7025 was published Aug 5, 2025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force... High Unreviewed
CVE-2025-7033 was published Aug 5, 2025
:Vulnerability of insufficient data length verification in the DFA module. Impact: Successful... Moderate Unreviewed
CVE-2025-54630 was published Aug 6, 2025
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker... Critical Unreviewed
CVE-2025-23317 was published Aug 6, 2025
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based... High Unreviewed
CVE-2025-3320 was published Aug 6, 2025
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based... High Unreviewed
CVE-2025-3354 was published Aug 6, 2025
ExecuTorch heap buffer overflow vulnerability Critical
CVE-2025-54949 was published for executorch (Maven) Aug 8, 2025
Fidget-Grep
Credited to Fidget-Grep
ExecuTorch vulnerable to Heap-based Buffer Overflow Critical
CVE-2025-54951 was published for executorch (Maven) Aug 8, 2025
Fidget-Grep
Credited to Fidget-Grep
A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy... High Unreviewed
CVE-2025-5462 was published Aug 12, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an... High Unreviewed
CVE-2025-49757 was published Aug 12, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate... High Unreviewed
CVE-2025-50161 was published Aug 12, 2025
Access of resource using incompatible type ('type confusion') in Windows Push Notifications... High Unreviewed
CVE-2025-50155 was published Aug 12, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an... High Unreviewed
CVE-2025-50160 was published Aug 12, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an... High Unreviewed
CVE-2025-50163 was published Aug 12, 2025
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over... High Unreviewed
CVE-2025-53131 was published Aug 12, 2025
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an... High Unreviewed
CVE-2025-50168 was published Aug 12, 2025
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-53155 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database