Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

434 advisories

Loading
vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs High
CVE-2025-62372 was published for vllm (pip) Nov 20, 2025
DarkLight1337 ywang96
Isotr0py russellb
Credited to DarkLight1337, ywang96, Isotr0py, and russellb
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds... Moderate Unreviewed
CVE-2025-10158 was published Nov 18, 2025
Memory corruption while processing audio streaming operations. High Unreviewed
CVE-2025-47352 was published Nov 4, 2025
Memory corruption when triggering a subsystem crash with an out-of-range identifier. High Unreviewed
CVE-2025-47361 was published Nov 4, 2025
Memory corruption while selecting the PLMN from SOR failed list. Critical Unreviewed
CVE-2025-27034 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause... Low Unreviewed
CVE-2025-23338 was published Sep 24, 2025
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check... High Unreviewed
CVE-2022-49170 was published Sep 23, 2025
Improper validation of an array index in the AND power Management Firmware could allow a... Moderate Unreviewed
CVE-2024-21970 was published Sep 6, 2025
Improper validation of an array index in the AMD graphics driver software could allow an attacker... Low Unreviewed
CVE-2023-31306 was published Sep 6, 2025
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. High Unreviewed
CVE-2025-27075 was published Aug 6, 2025
Memory corruption while processing DDI call with invalid buffer. High Unreviewed
CVE-2025-27067 was published Aug 6, 2025
Improper array index verification vulnerability in the audio codec module. Impact: Successful... Moderate Unreviewed
CVE-2025-54650 was published Aug 6, 2025
Out-of-bounds array access issue due to insufficient data verification in the location service... Moderate Unreviewed
CVE-2025-54645 was published Aug 6, 2025
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54610 was published Aug 6, 2025
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might... High Unreviewed
CVE-2025-23278 was published Aug 3, 2025
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid... High Unreviewed
CVE-2025-38367 was published Jul 25, 2025
Memory corruption while operating the mailbox in Automotive. Moderate Unreviewed
CVE-2024-53009 was published Jul 8, 2025
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console... Moderate Unreviewed
CVE-2024-35164 was published Jul 2, 2025
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec... High Unreviewed
CVE-2022-50066 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set... High Unreviewed
CVE-2025-38013 was published Jun 18, 2025
A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the... High Unreviewed
CVE-2025-5866 was published Jun 9, 2025
A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue... High Unreviewed
CVE-2025-5868 was published Jun 9, 2025
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to... Critical Unreviewed
CVE-2025-3357 was published May 28, 2025
Fiber panics when fiber.Ctx.BodyParser parses invalid range index High
CVE-2025-48075 was published for github.com/gofiber/fiber/v2 (Go) May 22, 2025
Batleram sixcolors
efectn ReneWerner87 gaby
Credited to Batleram, sixcolors, efectn, ReneWerner87, and gaby
Ollama Server Vulnerable to Denial of Service (DoS) Attack High
CVE-2025-1975 was published for github.com/ollama/ollama (Go) May 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database