Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

182 advisories

Loading
Microsoft Office Graphics Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49031 was published Nov 12, 2024
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated... Moderate Unreviewed
CVE-2024-9843 was published Nov 12, 2024
Transient DOS while parsing BTM ML IE when per STA profile is not included. High Unreviewed
CVE-2024-38403 was published Nov 4, 2024
Transient DOS while processing the CU information from RNR IE. High Unreviewed
CVE-2024-38405 was published Nov 4, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-43595 was published Oct 18, 2024
Windows Resilient File System (ReFS) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-43500 was published Oct 8, 2024
Information disclosure while parsing the multiple MBSSID IEs from the beacon. High Unreviewed
CVE-2024-33064 was published Oct 7, 2024
Transient DOS while parsing probe response and assoc response frame. High Unreviewed
CVE-2024-38397 was published Oct 7, 2024
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. High Unreviewed
CVE-2024-33071 was published Oct 7, 2024
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of... High Unreviewed
CVE-2024-33049 was published Oct 7, 2024
Transient DOS while parsing ESP IE from beacon/probe response frame. High Unreviewed
CVE-2024-33070 was published Oct 7, 2024
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of... High Unreviewed
CVE-2024-33073 was published Oct 7, 2024
A flaw was found in freeimage library. Processing a crafted image can cause a buffer over-read of... High Unreviewed
CVE-2024-9029 was published Sep 27, 2024
Microsoft Windows Admin Center Information Disclosure Vulnerability High Unreviewed
CVE-2024-43475 was published Sep 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38250 was published Sep 10, 2024
Transient DOS while handling PS event when Program Service name length offset value is set to 255. Moderate Unreviewed
CVE-2024-33043 was published Sep 2, 2024
Memory corruption when the captureRead QDCM command is invoked from user-space. High Unreviewed
CVE-2024-33047 was published Sep 2, 2024
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length... High Unreviewed
CVE-2024-33050 was published Sep 2, 2024
Transient DOS while parsing the multi-link element Control field when common information length... High Unreviewed
CVE-2024-33057 was published Sep 2, 2024
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. High Unreviewed
CVE-2024-33048 was published Sep 2, 2024
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. High Unreviewed
CVE-2024-33051 was published Sep 2, 2024
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the... High Unreviewed
CVE-2024-23364 was published Sep 2, 2024
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in... High Unreviewed
CVE-2024-23358 was published Sep 2, 2024
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message... High Unreviewed
CVE-2024-23359 was published Sep 2, 2024
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might... Moderate Unreviewed
CVE-2024-7347 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database