Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... High Unreviewed
CVE-2025-62560 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62464 was published Dec 9, 2025
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to... High Unreviewed
CVE-2025-62461 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62462 was published Dec 9, 2025
Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to... High Unreviewed
CVE-2025-62467 was published Dec 9, 2025
A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write... High Unreviewed
CVE-2025-63602 was published Nov 18, 2025
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-60720 was published Nov 11, 2025
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM... High Unreviewed
CVE-2025-47368 was published Nov 4, 2025
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-59192 was published Oct 14, 2025
Information disclosure when UE receives the RTP packet from the network, while decoding and... High Unreviewed
CVE-2025-21484 was published Sep 24, 2025
Transient DOS while processing power control requests with invalid antenna or stream values. High Unreviewed
CVE-2025-47328 was published Sep 24, 2025
Transient DOS while parsing the EPTM test control message to get the test pattern. High Unreviewed
CVE-2025-47318 was published Sep 24, 2025
Memory corruption due to global buffer overflow when a test command uses an invalid payload type. High Unreviewed
CVE-2025-47317 was published Sep 24, 2025
Information disclosure while decoding RTP packet received by UE from the network, when payload... High Unreviewed
CVE-2025-21487 was published Sep 24, 2025
Transient DOS while handling command data during power control processing. High Unreviewed
CVE-2025-47326 was published Sep 24, 2025
Information disclosure while decoding this RTP packet headers received by UE from the network... High Unreviewed
CVE-2025-21488 was published Sep 24, 2025
A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due... High Unreviewed
CVE-2025-36855 was published Sep 8, 2025
Transient DOS while processing a frame with malformed shared-key descriptor. High Unreviewed
CVE-2025-27065 was published Aug 6, 2025
Memory corruption while processing an IOCTL command with an arbitrary address. High Unreviewed
CVE-2025-27068 was published Aug 6, 2025
A heap-based buffer over-read vulnerability was found in the X.org server's... High Unreviewed
CVE-2024-31080 was published Apr 4, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's... High Unreviewed
CVE-2024-31081 was published Apr 4, 2024
Transient DOS while handling beacon frames with invalid IE header length. High Unreviewed
CVE-2025-27057 was published Jul 8, 2025
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet... High Unreviewed
CVE-2025-21427 was published Jul 8, 2025
Transient DOS while processing received beacon frame. High Unreviewed
CVE-2025-21454 was published Jul 8, 2025
Transient DOS may occur while processing malformed length field in SSID IEs. High Unreviewed
CVE-2025-21449 was published Jul 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database