Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,872
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,951
npm
3,480
NuGet
605
pip
3,042
Pub
10
RubyGems
832
Rust
777
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,710 advisories

Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers... Moderate Unreviewed
CVE-2023-25952 was published Nov 14, 2023
json-path Out-of-bounds Write vulnerability Moderate
CVE-2023-51074 was published for com.jayway.jsonpath:json-path (Maven) Dec 27, 2023
phrabec SunBK201
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at ... Moderate Unreviewed
CVE-2023-29582 was published Apr 24, 2023
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when... Moderate Unreviewed
CVE-2023-6693 was published Jan 2, 2024
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms()... Moderate Unreviewed
CVE-2023-43785 was published Oct 10, 2023
Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow... Moderate Unreviewed
CVE-2023-49614 was published May 16, 2024
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that... Moderate Unreviewed
CVE-2023-6129 was published Jan 9, 2024
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF... Moderate Unreviewed
CVE-2023-6228 was published Dec 28, 2023
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree Moderate
CVE-2024-29133 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
oscerd
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() Moderate
CVE-2024-29131 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
oscerd
A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated,... Moderate Unreviewed
CVE-2024-20357 was published May 1, 2024
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition... Moderate Unreviewed
CVE-2023-40548 was published Jan 29, 2024
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file.... Moderate Unreviewed
CVE-2023-23456 was published Jan 12, 2023
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21979 was published Apr 23, 2024
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could... Moderate Unreviewed
CVE-2024-21972 was published Apr 23, 2024
Memory corruption in Audio while calling START command on host voice PCM multiple times for the... Moderate Unreviewed
CVE-2023-33067 was published Feb 6, 2024
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. Moderate Unreviewed
CVE-2023-28580 was published Dec 5, 2023
Server information leak for the CDA Server process memory can occur when an error is generated in... Moderate Unreviewed
CVE-2023-5405 was published Apr 17, 2024
Server communication with a controller can lead to remote code execution using a specially... Moderate Unreviewed
CVE-2023-5406 was published Apr 17, 2024
Memory corruption while receiving a message in Bus Socket Transport Server. Moderate Unreviewed
CVE-2023-33038 was published Jan 2, 2024
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. Moderate Unreviewed
CVE-2023-21634 was published Dec 5, 2023
Memory Corruption in camera while installing a fd for a particular DMA buffer. Moderate Unreviewed
CVE-2023-22383 was published Dec 5, 2023
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx... Moderate Unreviewed
CVE-2021-46931 was published Feb 27, 2024
In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-33896 was published Jul 12, 2023
axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls... Moderate Unreviewed
CVE-2023-33613 was published Jun 6, 2023
ProTip! Advisories are also available from the GraphQL API