Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

314 advisories

Loading
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49659 was published Jul 8, 2025
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-47971 was published Jul 8, 2025
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-47973 was published Jul 8, 2025
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose... Moderate Unreviewed
CVE-2025-24068 was published Jun 10, 2025
A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7... Low Unreviewed
CVE-2025-47295 was published May 28, 2025
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. High Unreviewed
CVE-2024-53026 was published Jun 3, 2025
Information disclosure may occur while processing goodbye RTCP packet from network. High Unreviewed
CVE-2024-53021 was published Jun 3, 2025
Information disclosure may occur while decoding the RTP packet with invalid header extension from... High Unreviewed
CVE-2024-53020 was published Jun 3, 2025
Transient DOS while processing the tone measurement response buffer when the response buffer is... High Unreviewed
CVE-2025-27029 was published Jun 3, 2025
Information disclosure may occur while decoding the RTP packet with improper header length for... High Unreviewed
CVE-2024-53019 was published Jun 3, 2025
Transient DOS while processing the EHT operation IE in the received beacon frame. High Unreviewed
CVE-2025-21463 was published Jun 3, 2025
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before... High Unreviewed
CVE-2024-52879 was published May 15, 2025
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before... High Unreviewed
CVE-2024-52877 was published May 15, 2025
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before... High Unreviewed
CVE-2024-52878 was published May 15, 2025
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-32704 was published May 13, 2025
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a... Moderate Unreviewed
CVE-2025-29956 was published May 13, 2025
In face detect driver, there is a possible out of bounds write due to a missing bounds check.... Moderate Unreviewed
CVE-2022-38673 was published Oct 15, 2022
Memory corruption due to improper bounds check while command handling in camera-kernel driver. Moderate Unreviewed
CVE-2024-45568 was published May 6, 2025
Transient DOS while parsing per STA profile in ML IE. High Unreviewed
CVE-2025-21459 was published May 6, 2025
Memory corruption while decoding of OTA messages from T3448 IE. High Unreviewed
CVE-2024-49846 was published May 6, 2025
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. High Unreviewed
CVE-2025-21475 was published May 6, 2025
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key... High Unreviewed
CVE-2024-49847 was published May 6, 2025
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to... Moderate Unreviewed
CVE-2025-4207 was published May 8, 2025
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via... Moderate Unreviewed
CVE-2024-11596 was published May 7, 2025
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability High
CVE-2025-21176 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database