GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,710 advisories
Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers...
Moderate | Unreviewed | CVE-2023-25952 was published Nov 14, 2023
json-path Out-of-bounds Write vulnerability
Moderate | CVE-2023-51074 was published for com.jayway.jsonpath:json-path (Maven) Dec 27, 2023
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at ...
Moderate | Unreviewed | CVE-2023-29582 was published Apr 24, 2023
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when...
Moderate | Unreviewed | CVE-2023-6693 was published Jan 2, 2024
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms()...
Moderate | Unreviewed | CVE-2023-43785 was published Oct 10, 2023
Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow...
Moderate | Unreviewed | CVE-2023-49614 was published May 16, 2024
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...
Moderate | Unreviewed | CVE-2023-6129 was published Jan 9, 2024
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF...
Moderate | Unreviewed | CVE-2023-6228 was published Dec 28, 2023
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
Moderate | CVE-2024-29133 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
Moderate | CVE-2024-29131 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated,...
Moderate | Unreviewed | CVE-2024-20357 was published May 1, 2024
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition...
Moderate | Unreviewed | CVE-2023-40548 was published Jan 29, 2024
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file....
Moderate | Unreviewed | CVE-2023-23456 was published Jan 12, 2023
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could...
Moderate | Unreviewed | CVE-2024-21979 was published Apr 23, 2024
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could...
Moderate | Unreviewed | CVE-2024-21972 was published Apr 23, 2024
Memory corruption in Audio while calling START command on host voice PCM multiple times for the...
Moderate | Unreviewed | CVE-2023-33067 was published Feb 6, 2024
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
Moderate | Unreviewed | CVE-2023-28580 was published Dec 5, 2023
Server information leak for the CDA Server process memory can occur when an error is generated in...
Moderate | Unreviewed | CVE-2023-5405 was published Apr 17, 2024
Server communication with a controller can lead to remote code execution using a specially...
Moderate | Unreviewed | CVE-2023-5406 was published Apr 17, 2024
Memory corruption while receiving a message in Bus Socket Transport Server.
Moderate | Unreviewed | CVE-2023-33038 was published Jan 2, 2024
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
Moderate | Unreviewed | CVE-2023-21634 was published Dec 5, 2023
Memory Corruption in camera while installing a fd for a particular DMA buffer.
Moderate | Unreviewed | CVE-2023-22383 was published Dec 5, 2023
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx...
Moderate | Unreviewed | CVE-2021-46931 was published Feb 27, 2024
In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-33896 was published Jul 12, 2023
axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls...
Moderate | Unreviewed | CVE-2023-33613 was published Jun 6, 2023
ProTip! Advisories are also available from the GraphQL API.