Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,950
Maven
5,000+
npm
4,596
NuGet
787
pip
4,301
Pub
12
RubyGems
982
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

11,665 advisories

Loading
Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this... High Unreviewed
CVE-2026-24926 was published Feb 6, 2026
Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2026-24919 was published Feb 6, 2026
In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write... Moderate Unreviewed
CVE-2026-1301 was published Feb 5, 2026
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that... Moderate Unreviewed
CVE-2020-37140 was published Feb 5, 2026
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based... High Unreviewed
CVE-2026-0536 was published Feb 4, 2026
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max,... High Unreviewed
CVE-2026-0659 was published Feb 4, 2026
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory... High Unreviewed
CVE-2026-0537 was published Feb 4, 2026
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds... High Unreviewed
CVE-2026-0538 was published Feb 4, 2026
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory... High Unreviewed
CVE-2026-0661 was published Feb 4, 2026
: Out-of-bounds Write vulnerability in Xquic Project Xquic Server xquic on Linux (QUIC protocol... Moderate Unreviewed
CVE-2026-1788 was published Feb 3, 2026
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2026-20418 was published Feb 2, 2026
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could... High Unreviewed
CVE-2026-20412 was published Feb 2, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to... High Unreviewed
CVE-2026-20402 was published Feb 2, 2026
In Modem, there is a possible system crash due to a missing bounds check. This could lead to... High Unreviewed
CVE-2026-20403 was published Feb 2, 2026
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2026-20409 was published Feb 2, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to... High Unreviewed
CVE-2026-20404 was published Feb 2, 2026
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2026-20410 was published Feb 2, 2026
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead... High Unreviewed
CVE-2026-20408 was published Feb 2, 2026
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check.... High Unreviewed
CVE-2026-20407 was published Feb 2, 2026
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2026-20413 was published Feb 2, 2026
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2026-20417 was published Feb 2, 2026
Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers... High Unreviewed
CVE-2020-37031 was published Jan 31, 2026
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to... High Unreviewed
CVE-2020-37011 was published Jan 29, 2026
Downloading and building modules with malicious version strings can cause local code execution.... High Unreviewed
CVE-2025-68119 was published Jan 28, 2026
YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP... High Unreviewed
CVE-2020-36964 was published Jan 28, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database