Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,595
Maven
5,000+
npm
5,000+
NuGet
924
pip
4,823
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

156,161 advisories

Loading
PraisonAI has Unrestricted Upload Size in WSGI Recipe Registry Server that Enables Memory Exhaustion DoS Moderate
CVE-2026-40115 was published for PraisonAI (pip) Apr 10, 2026
offset Credited to offset
ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width Moderate
GHSA-rrjr-v56m-ww88 was published for ParquetSharp (NuGet) Apr 24, 2026
adamreeve Credited to adamreeve, CurtHagenlocher, and marcin-krystianc CurtHagenlocher CurtHagenlocher
marcin-krystianc marcin-krystianc
nova-toggle-5: Improper authorization on toggle endpoint allowed non-Nova users to modify boolean fields Moderate
GHSA-f5c8-m5vw-rmgq was published for almirhodzic/nova-toggle-5 (Composer) Apr 24, 2026
RobertoNegro Credited to RobertoNegro
AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache Moderate
CVE-2026-6550 was published for aws-encryption-sdk (pip) Apr 24, 2026
Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior Moderate
GHSA-38c5-483c-4qqp was published for grid (Rust) Apr 24, 2026
ksj1230 Credited to ksj1230
pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files Moderate
CVE-2026-3219 was published for pip (pip) Apr 20, 2026
RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions Moderate
GHSA-m2m6-cff5-3w7c was published for rwsdk (npm) Apr 24, 2026
mthx Credited to mthx
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular... Moderate Unreviewed
CVE-2026-23419 was published Apr 3, 2026
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h... Moderate Unreviewed
CVE-2021-45340 was published Jan 26, 2022
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function... Moderate Unreviewed
CVE-2019-20140 was published May 24, 2022
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of... Moderate Unreviewed
CVE-2020-21677 was published May 24, 2022
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential... Moderate Unreviewed
CVE-2026-23409 was published Apr 1, 2026
In the Linux kernel, the following vulnerability has been resolved: rust_binder: call... Moderate Unreviewed
CVE-2026-23400 was published Mar 29, 2026
In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end... Moderate Unreviewed
CVE-2026-23416 was published Apr 2, 2026
In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on... Moderate Unreviewed
CVE-2026-23418 was published Apr 3, 2026
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking... Moderate Unreviewed
CVE-2026-23420 was published Apr 3, 2026
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Moderate Unreviewed
CVE-2019-11024 was published May 13, 2022
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel... Moderate Unreviewed
CVE-2019-20024 was published May 24, 2022
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in... Moderate Unreviewed
CVE-2021-46700 was published Feb 20, 2022
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function... Moderate Unreviewed
CVE-2019-19778 was published May 24, 2022
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap... Moderate Unreviewed
CVE-2019-19777 was published May 24, 2022
Unverified indexs into the array lead to out of bound access in the gif_out_code function in... Moderate Unreviewed
CVE-2020-19668 was published May 24, 2022
libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. Moderate Unreviewed
CVE-2019-20205 was published May 24, 2022
A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. Moderate Unreviewed
CVE-2019-20023 was published May 24, 2022
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function... Moderate Unreviewed
CVE-2019-20094 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database