Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129 advisories

Loading
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer... Unknown Unreviewed
CVE-2024-2961 was published Apr 17, 2024
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow... Unknown Unreviewed
CVE-2022-23085 was published Feb 15, 2024
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in... Critical Unreviewed
CVE-2022-36648 was published Aug 22, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4... High Unreviewed
CVE-2022-33179 was published Jul 6, 2023
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly... High Unreviewed
CVE-2022-48502 was published May 31, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-28644 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-28642 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-28643 was published Mar 29, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2022-28645 was published Mar 29, 2023
An high privileged attacker may pass crafted arguments to the validate function of csaf-validator... Moderate Unreviewed
CVE-2022-47924 was published Mar 27, 2023
The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0... Moderate Unreviewed
CVE-2022-47925 was published Mar 27, 2023
Improper removal of sensitive data in the entry edit feature of Hub Business submodule in... Moderate Unreviewed
CVE-2023-1203 was published Mar 10, 2023
A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and... Moderate Unreviewed
CVE-2022-3857 was published Mar 7, 2023
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer... High Unreviewed
CVE-2022-48281 was published Jan 23, 2023
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to... High Unreviewed
CVE-2022-46334 was published Dec 21, 2022
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead... High Unreviewed
CVE-2022-2601 was published Dec 14, 2022
A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19... High Unreviewed
CVE-2022-43548 was published Dec 6, 2022
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM... High Unreviewed
CVE-2022-29277 was published Nov 16, 2022
A vulnerability was found in vim and classified as problematic. Affected by this issue is the... High Unreviewed
CVE-2022-3705 was published Oct 27, 2022
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to... High Unreviewed
CVE-2022-42939 was published Oct 21, 2022
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to... High Unreviewed
CVE-2022-42940 was published Oct 21, 2022
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could... High Unreviewed
CVE-2022-42943 was published Oct 21, 2022
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could... High Unreviewed
CVE-2022-42944 was published Oct 21, 2022
ProTip! Advisories are also available from the GraphQL API