GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,678
Erlang
29
GitHub Actions
16
Go
1,707
Maven
4,940
npm
3,471
NuGet
603
pip
2,993
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93 advisories
Filter by severity
An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000...
High
Unreviewed
CVE-2024-30405
was published
Apr 12, 2024
In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to...
Unknown
Unreviewed
CVE-2023-52558
was published
Mar 1, 2024
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP ...
Unknown
Unreviewed
CVE-2023-52557
was published
Mar 1, 2024
A memory corruption vulnerability has been identified in PostScript interpreter in various...
Critical
Unreviewed
CVE-2023-50736
was published
Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved:
media: staging/intel-ipu3:...
High
Unreviewed
CVE-2021-46943
was published
Feb 27, 2024
An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig...
Critical
Unreviewed
CVE-2024-23606
was published
Feb 20, 2024
Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. For the...
High
Unreviewed
CVE-2024-23805
was published
Feb 14, 2024
A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko...
High
Unreviewed
CVE-2023-6387
was published
Feb 2, 2024
An integer overflow was found in the __vsyslog_internal function of the glibc library. This...
Moderate
Unreviewed
CVE-2023-6780
was published
Jan 31, 2024
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote,...
Critical
Unreviewed
CVE-2024-23621
was published
Jan 26, 2024
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A...
Critical
Unreviewed
CVE-2024-23622
was published
Jan 26, 2024
In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13...
Critical
Unreviewed
CVE-2023-5941
was published
Nov 8, 2023
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the...
Critical
Unreviewed
CVE-2023-45871
was published
Oct 15, 2023
Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements...
High
Unreviewed
CVE-2023-30575
was published
Jun 7, 2023
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows...
Low
Unreviewed
CVE-2023-2687
was published
Jun 2, 2023
memory corruption in modem due to improper check while calculating size of serialized CoAP message
Critical
Unreviewed
CVE-2022-33211
was published
Apr 13, 2023
Information disclosure in modem due to buffer over-read while processing packets from DNS server
High
Unreviewed
CVE-2022-25731
was published
Apr 13, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-24907
was published
Mar 28, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-24908
was published
Mar 28, 2023
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate
Unreviewed
CVE-2023-20627
was published
Mar 7, 2023
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
High
Unreviewed
CVE-2023-1175
was published
Mar 4, 2023
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical
Unreviewed
CVE-2023-0568
was published
Feb 16, 2023
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32651
was published
Jan 3, 2023
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32650
was published
Jan 3, 2023
In jpeg, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32649
was published
Jan 3, 2023
ProTip!
Advisories are also available from the
GraphQL API