Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,038
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

760 advisories

Loading
ImageMagick BlobStream Forward-Seek Under-Allocation Low
CVE-2025-57807 was published for Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) Sep 5, 2025
mescuwa
Credited to mescuwa
ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash Low
CVE-2025-55212 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
amethyst0225 leehohojune
jin-156
Credited to amethyst0225, leehohojune, and jin-156
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution High
CVE-2025-55298 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
leehohojune hanbunny
jin-156 amethyst0225
Credited to leehohojune, hanbunny, jin-156, and amethyst0225
imagemagick: integer overflows in MNG magnification High
CVE-2025-55154 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
ImageMagick has a Heap Buffer Overflow in InterpretImageFilename Low
CVE-2025-53014 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip iwashiira
utshina on-keyday
Credited to momo-trip, iwashiira, utshina, and on-keyday
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow High
CVE-2025-57803 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
mescuwa
Credited to mescuwa
ImageMagick has a Stack Buffer Overflow in image.c High
CVE-2025-53101 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip YutoIn
iwashiira utshina
Credited to momo-trip, YutoIn, iwashiira, and utshina
ImageMagick has Integer Overflow in BMP Decoder (ReadBMP) Moderate
CVE-2025-62171 was published for Magick.NET-Q16-AnyCPU (NuGet) Oct 28, 2025
wooseokdotkim
Credited to wooseokdotkim
ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS) Moderate
CVE-2025-62594 was published for Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) Oct 27, 2025
amethyst0225 jin-156
hanbunny yosiimich
Credited to amethyst0225, jin-156, hanbunny, and yosiimich
DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite Critical
CVE-2025-64095 was published for DNN.PLATFORM (NuGet) Oct 29, 2025
bdukes valadas
Credited to bdukes and valadas
DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload Moderate
CVE-2025-64094 was published for DotNetNuke.Core (NuGet) Oct 29, 2025
pdstat bdukes
mitchelsellers valadas
Credited to pdstat, bdukes, mitchelsellers, and valadas
DNN CKEditor Provider allows unauthenticated upload out-of-the-box Moderate
CVE-2025-62802 was published for Dnn.Platform (NuGet) Oct 29, 2025
r90727 bdukes
donker david-poindexter mitchelsellers
Credited to r90727, bdukes, donker, david-poindexter, and mitchelsellers
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
rbhanda
Credited to rbhanda
Piranha CMS vulnerable to stored cross-site scripting (XSS) Moderate
CVE-2025-61413 was published for Piranha (NuGet) Oct 23, 2025
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability High
CVE-2025-24070 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Mar 11, 2025
dwelch2344 udlose
rbhanda
Credited to dwelch2344, udlose, and rbhanda
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
Credited to mkilgore
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability High
CVE-2020-1147 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
Potential XSS vulnerability in jQuery Moderate
CVE-2020-11023 was published for components/jquery (RubyGems) Apr 29, 2020
masatokinugawa klaudialax
Rudloff
Credited to masatokinugawa, klaudialax, and Rudloff
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
ChakraCore RCE Vulnerability High
CVE-2018-8298 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2016-7200 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2016-7201 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability Critical
CVE-2025-55315 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 14, 2025
victorisr udlose
Credited to victorisr and udlose
Mammoth is vulnerable to Directory Traversal Moderate
CVE-2025-11849 was published for Mammoth (Maven) Oct 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database