GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,872
Erlang: 29
GitHub Actions: 16
Go: 1,722
Maven: 4,951
npm: 3,480
NuGet: 605
pip: 3,027
Pub: 10
RubyGems: 832
Rust: 777
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
1,710 advisories
A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper...
Moderate | Unreviewed | CVE-2024-21596 was published Jan 12, 2024

A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper...
Moderate | Unreviewed | CVE-2024-21594 was published Jan 12, 2024

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a...
Moderate | Unreviewed | CVE-2023-37644 was published Jan 11, 2024

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...
Moderate | Unreviewed | CVE-2023-6129 was published Jan 9, 2024

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Moderate | Unreviewed | CVE-2024-0321 was published Jan 8, 2024

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216....
Moderate | Unreviewed | CVE-2023-7213 was published Jan 7, 2024

A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u...
Moderate | Unreviewed | CVE-2023-7214 was published Jan 7, 2024

`serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access
Moderate | CVE-2023-50711 was published for vmm-sys-util (Rust) Jan 2, 2024

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when...
Moderate | Unreviewed | CVE-2023-6693 was published Jan 2, 2024

Memory corruption while receiving a message in Bus Socket Transport Server.
Moderate | Unreviewed | CVE-2023-33038 was published Jan 2, 2024

In bluetooth service, there is a possible out of bounds write due to improper input validation....
Moderate | Unreviewed | CVE-2023-32891 was published Jan 2, 2024

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2023-32883 was published Jan 2, 2024

In battery, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-32879 was published Jan 2, 2024

In battery, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-32877 was published Jan 2, 2024

In battery, there is a possible memory corruption due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2023-32882 was published Jan 2, 2024

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-32872 was published Jan 2, 2024

JLine vulnerable to out of memory error
Moderate | CVE-2023-50572 was published for org.jline:jline-parent (Maven) Dec 29, 2023

An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF...
Moderate | Unreviewed | CVE-2023-6228 was published Dec 28, 2023

json-path Out-of-bounds Write vulnerability
Moderate | CVE-2023-51074 was published for com.jayway.jsonpath:json-path (Maven) Dec 27, 2023

An out-of-bounds write issue has been discovered in the backspace handling of the checkType()...
Moderate | Unreviewed | CVE-2023-4255 was published Dec 21, 2023

When handling contactless cards, usage of a specific function to get additional...
Moderate | Unreviewed | CVE-2023-33222 was published Dec 15, 2023

When reading DesFire keys, the function that reads the card isn't properly checking the...
Moderate | Unreviewed | CVE-2023-33221 was published Dec 15, 2023

Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380,...
Moderate | Unreviewed | CVE-2023-43122 was published Dec 13, 2023

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused...
Moderate | Unreviewed | CVE-2023-28527 was published Dec 9, 2023

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow,...
Moderate | Unreviewed | CVE-2023-28526 was published Dec 9, 2023
ProTip! Advisories are also available from the GraphQL API