GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
459 advisories
In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length...
Critical | Unreviewed | CVE-2021-47274 was published May 21, 2024

In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is...
Critical | Unreviewed | CVE-2023-2597 was published May 22, 2023

singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a...
Critical | Unreviewed | CVE-2022-28805 was published Apr 9, 2022

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd...
Critical | Unreviewed | CVE-2023-38431 was published Jul 18, 2023

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request...
Critical | Unreviewed | CVE-2023-38430 was published Jul 18, 2023

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific...
Critical | Unreviewed | CVE-2023-41910 was published Sep 5, 2023

Possible out of bound read occurs while processing beaconing request due to lack of check on...
Critical | Unreviewed | CVE-2019-2276 was published May 24, 2022

contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level...
Critical | Unreviewed | CVE-2019-17040 was published May 24, 2022

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical | Unreviewed | CVE-2024-22004 was published Apr 5, 2024

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of...
Critical | Unreviewed | CVE-2023-46569 was published Oct 28, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr...
Critical | Unreviewed | CVE-2023-46570 was published Oct 28, 2023

In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out...
Critical | Unreviewed | CVE-2023-35647 was published Oct 11, 2023

In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out...
Critical | Unreviewed | CVE-2023-35648 was published Oct 11, 2023

A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as...
Critical | Unreviewed | CVE-2023-28543 was published Sep 5, 2023

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15...
Critical | Unreviewed | CVE-2023-37285 was published Jul 28, 2023

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical | Unreviewed | CVE-2023-29461 was published Jul 6, 2023

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical | Unreviewed | CVE-2023-29460 was published Jul 6, 2023

An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause...
Critical | Unreviewed | CVE-2023-0645 was published Jul 6, 2023

Vulnerability of missing input length verification in the distributed file system. Successful...
Critical | Unreviewed | CVE-2023-37240 was published Jul 6, 2023

Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their...
Critical | Unreviewed | CVE-2023-2989 was published Jun 22, 2023

In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution...
Critical | Unreviewed | CVE-2023-21130 was published Jun 15, 2023

The facial recognition TA of some products has the out-of-bounds memory read vulnerability....
Critical | Unreviewed | CVE-2022-48479 was published May 26, 2023

The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that...
Critical | Unreviewed | CVE-2023-23301 was published May 23, 2023

The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation...
Critical | Unreviewed | CVE-2022-48312 was published Apr 16, 2023

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF(...
Critical | Unreviewed | CVE-2020-11895 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.