Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
28
GitHub Actions
16
Go
1,653
Maven
4,915
npm
3,441
NuGet
594
pip
2,821
Pub
10
RubyGems
823
Rust
762
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,620 advisories

A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated,... Moderate Unreviewed
CVE-2024-20357 was published May 1, 2024
A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an... High Unreviewed
CVE-2024-20376 was published May 1, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a... Low Unreviewed
CVE-2024-4141 was published Apr 24, 2024
Buffer Overflow in gitea High
CVE-2021-3382 was published for github.com/go-gitea/gitea (Go) Apr 24, 2024
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21979 was published Apr 23, 2024
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21972 was published Apr 23, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in... Low Unreviewed
CVE-2024-3900 was published Apr 17, 2024
Server communication with a controller can lead to remote code execution using a specially... Moderate Unreviewed
CVE-2023-5406 was published Apr 17, 2024
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer... Unknown Unreviewed
CVE-2024-2961 was published Apr 17, 2024
Server information leak for the CDA Server process memory can occur when an error is generated in... Moderate Unreviewed
CVE-2023-5405 was published Apr 17, 2024
Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2024-30271 was published Apr 11, 2024
Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2024-30272 was published Apr 11, 2024
Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user... Moderate Unreviewed
CVE-2024-22448 was published Apr 10, 2024
A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may... Moderate Unreviewed
CVE-2023-5912 was published Apr 5, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti... High Unreviewed
CVE-2024-21894 was published Apr 5, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti... High Unreviewed
CVE-2024-22053 was published Apr 4, 2024
Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in... High Unreviewed
CVE-2024-3298 was published Apr 4, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-27339 was published Apr 3, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-27342 was published Apr 3, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-30355 was published Apr 2, 2024
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-30349 was published Apr 2, 2024
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-30348 was published Apr 2, 2024
Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function... Critical Unreviewed
CVE-2024-30620 was published Apr 2, 2024
Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function... Critical Unreviewed
CVE-2024-30621 was published Apr 2, 2024
A Out-of-bounds Write issue affecting the v2_sdk_service running on a set of DJI drone devices on... Moderate Unreviewed
CVE-2023-51454 was published Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API