GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,620 advisories
A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated,...
Moderate, Unreviewed. CVE-2024-20357 was published May 1, 2024

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an...
High, Unreviewed. CVE-2024-20376 was published May 1, 2024

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a...
Low, Unreviewed. CVE-2024-4141 was published Apr 24, 2024

Buffer Overflow in gitea
High. CVE-2021-3382 was published for github.com/go-gitea/gitea (Go) Apr 24, 2024

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could...
Moderate, Unreviewed. CVE-2024-21979 was published Apr 23, 2024

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could...
Moderate, Unreviewed. CVE-2024-21972 was published Apr 23, 2024

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in...
Low, Unreviewed. CVE-2024-3900 was published Apr 17, 2024

Server communication with a controller can lead to remote code execution using a specially...
Moderate, Unreviewed. CVE-2023-5406 was published Apr 17, 2024

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer...
Unknown, Unreviewed. CVE-2024-2961 was published Apr 17, 2024

Server information leak for the CDA Server process memory can occur when an error is generated in...
Moderate, Unreviewed. CVE-2023-5405 was published Apr 17, 2024

Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write...
High, Unreviewed. CVE-2024-30271 was published Apr 11, 2024

Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write...
High, Unreviewed. CVE-2024-30272 was published Apr 11, 2024

Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user...
Moderate, Unreviewed. CVE-2024-22448 was published Apr 10, 2024

A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may...
Moderate, Unreviewed. CVE-2023-5912 was published Apr 5, 2024

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti...
High, Unreviewed. CVE-2024-21894 was published Apr 5, 2024

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti...
High, Unreviewed. CVE-2024-22053 was published Apr 4, 2024

Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in...
High, Unreviewed. CVE-2024-3298 was published Apr 4, 2024

Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High, Unreviewed. CVE-2024-27339 was published Apr 3, 2024

Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High, Unreviewed. CVE-2024-27342 was published Apr 3, 2024

Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High, Unreviewed. CVE-2024-30355 was published Apr 2, 2024

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High, Unreviewed. CVE-2024-30349 was published Apr 2, 2024

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High, Unreviewed. CVE-2024-30348 was published Apr 2, 2024

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function...
Critical, Unreviewed. CVE-2024-30620 was published Apr 2, 2024

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function...
Critical, Unreviewed. CVE-2024-30621 was published Apr 2, 2024

An Out-of-bounds Write issue affecting the v2_sdk_service running on a set of DJI drone devices on...
Moderate, Unreviewed. CVE-2023-51454 was published Apr 2, 2024

ProTip! Advisories are also available from the GraphQL API