Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,844
Maven
5,000+
npm
4,470
NuGet
779
pip
4,231
Pub
12
RubyGems
974
Rust
1,093
Swift
48
Unreviewed advisories
All unreviewed
5,000+

7,181 advisories

Loading
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote... High Unreviewed
CVE-2026-0899 was published Jan 20, 2026
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of... Moderate Unreviewed
CVE-2025-51602 was published Jan 16, 2026
GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmx_parse_tags function. High Unreviewed
CVE-2025-70298 was published Jan 15, 2026
An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to... High Unreviewed
CVE-2025-70308 was published Jan 15, 2026
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21303 was published Jan 13, 2026
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21302 was published Jan 13, 2026
Substance3D - Designer versions 15.0.3 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21308 was published Jan 13, 2026
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for... Moderate Unreviewed
CVE-2025-37178 was published Jan 13, 2026
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for... Moderate Unreviewed
CVE-2025-37179 was published Jan 13, 2026
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read... Moderate Unreviewed
CVE-2026-21278 was published Jan 13, 2026
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-20944 was published Jan 13, 2026
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code... High Unreviewed
CVE-2026-20946 was published Jan 13, 2026
Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a... Moderate Unreviewed
CVE-2026-20936 was published Jan 13, 2026
Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker... Moderate Unreviewed
CVE-2026-20835 was published Jan 13, 2026
Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized... Moderate Unreviewed
CVE-2026-20851 was published Jan 13, 2026
Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker... Moderate Unreviewed
CVE-2026-20828 was published Jan 13, 2026
Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally. Moderate Unreviewed
CVE-2026-20829 was published Jan 13, 2026
phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables... Critical Unreviewed
CVE-2025-69992 was published Jan 13, 2026
AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability Low
CVE-2025-15506 was published for opencolorio (pip) Jan 11, 2026
Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event... Low Unreviewed
CVE-2025-53470 was published Jan 10, 2026
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename... Moderate Unreviewed
CVE-2025-67810 was published Jan 9, 2026
mnl has segmentation fault and invalid memory read in `mnl::cb_run` Low
GHSA-585q-cm62-757j was published for mnl (Rust) Jan 9, 2026
A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote... High Unreviewed
CVE-2025-69260 was published Jan 8, 2026
OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load contains a heap buffer underflow... High Unreviewed
CVE-2026-22185 was published Jan 7, 2026
A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An... Moderate Unreviewed
CVE-2025-15382 was published Jan 6, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database