Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

77 advisories

Loading
glib-networking's OpenSSL backend fails to properly check the return value of memory allocation... Low Unreviewed
CVE-2025-60019 was published Sep 25, 2025
NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a... Low Unreviewed
CVE-2025-23346 was published Sep 24, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-26690 was published Aug 11, 2025
MaterialX Null Pointer Dereference in MaterialXCore Shader Generation due to Unchecked implGraphOutput Low
CVE-2025-53011 was published for MaterialX (pip) Jul 31, 2025
suidpit TheZ3ro
ndaprela smaury
Credited to suidpit, TheZ3ro, ndaprela, and smaury
MaterialX Null Pointer Dereference in getShaderNodes due to Unchecked nodeGraph->getOutput return Low
CVE-2025-53010 was published for MaterialX (pip) Jul 31, 2025
suidpit TheZ3ro
ndaprela smaury
Credited to suidpit, TheZ3ro, ndaprela, and smaury
Withdrawn Advisory: microlight.js has a null pointer dereference vulnerability Low
CVE-2025-45525 was published for microlight (npm) Jun 17, 2025 withdrawn
Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could... Low Unreviewed
CVE-2025-1698 was published Jun 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-25217 was published Jun 8, 2025
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a... Low Unreviewed
CVE-2023-47466 was published May 22, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-27248 was published May 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-25218 was published May 6, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer... Low Unreviewed
CVE-2025-27241 was published May 6, 2025
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image... Low Unreviewed
CVE-2025-43967 was published Apr 21, 2025
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Low Unreviewed
CVE-2025-43966 was published Apr 21, 2025
A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this... Low Unreviewed
CVE-2025-3122 was published Apr 3, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-21084 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer... Low Unreviewed
CVE-2025-21097 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer... Low Unreviewed
CVE-2025-22837 was published Mar 4, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a... Low Unreviewed
CVE-2024-53877 was published Feb 25, 2025
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in... Low Unreviewed
CVE-2025-27113 was published Feb 19, 2025
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O... Low Unreviewed
CVE-2024-5198 was published Jan 15, 2025
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is... Low Unreviewed
CVE-2024-42328 was published Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the... Low Unreviewed
CVE-2024-42329 was published Nov 27, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line... Low Unreviewed
CVE-2024-0125 was published Oct 3, 2024
A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue... Low Unreviewed
CVE-2024-43167 was published Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database