GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,948
Erlang
29
GitHub Actions
16
Go
1,739
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+
476 advisories
Filter by severity
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical
Unreviewed
CVE-2024-22004
was published
Apr 5, 2024
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through...
Critical
Unreviewed
CVE-2021-42147
was published
Jan 24, 2024
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows...
Critical
Unreviewed
CVE-2021-42144
was published
Jan 24, 2024
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko...
Critical
Unreviewed
CVE-2023-4280
was published
Jan 2, 2024
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows...
Critical
Unreviewed
CVE-2023-42536
was published
Nov 13, 2023
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows...
Critical
Unreviewed
CVE-2023-42537
was published
Nov 13, 2023
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1...
Critical
Unreviewed
CVE-2023-42538
was published
Nov 13, 2023
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
Critical
Unreviewed
CVE-2023-45897
was published
Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr...
Critical
Unreviewed
CVE-2023-46570
was published
Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of...
Critical
Unreviewed
CVE-2023-46569
was published
Oct 28, 2023
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35648
was published
Oct 11, 2023
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35647
was published
Oct 11, 2023
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific...
Critical
Unreviewed
CVE-2023-41910
was published
Sep 5, 2023
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as...
Critical
Unreviewed
CVE-2023-28543
was published
Sep 5, 2023
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in...
Critical
Unreviewed
CVE-2023-41359
was published
Aug 29, 2023
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte...
Critical
Unreviewed
CVE-2023-41360
was published
Aug 29, 2023
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15...
Critical
Unreviewed
CVE-2023-37285
was published
Jul 28, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an...
Critical
Unreviewed
CVE-2023-38427
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in...
Critical
Unreviewed
CVE-2023-38426
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does...
Critical
Unreviewed
CVE-2023-38432
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not...
Critical
Unreviewed
CVE-2023-38428
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request...
Critical
Unreviewed
CVE-2023-38430
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd...
Critical
Unreviewed
CVE-2023-38431
was published
Jul 18, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical
Unreviewed
CVE-2023-29461
was published
Jul 6, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical
Unreviewed
CVE-2023-29460
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API