Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,449
Erlang
29
GitHub Actions
16
Go
1,669
Maven
4,929
npm
3,464
NuGet
595
pip
2,880
Pub
10
RubyGems
824
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

264 advisories

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution... High Unreviewed
CVE-2023-40477 was published May 3, 2024
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-27349 was published May 3, 2024
A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI... Moderate Unreviewed
CVE-2023-51455 was published Apr 2, 2024
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in... Moderate Unreviewed
CVE-2023-33111 was published Apr 1, 2024
Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in... Moderate Unreviewed
CVE-2024-29231 was published Mar 28, 2024
Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an... High Unreviewed
CVE-2024-0901 was published Mar 26, 2024
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers... Moderate Unreviewed
CVE-2020-36776 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix... High Unreviewed
CVE-2023-52451 was published Feb 22, 2024
Improper Validation of Array Index in github.com/greenpau/caddy-security Moderate
CVE-2024-21493 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
Vyper array negative index vulnerability Critical
CVE-2024-24563 was published for vyper (pip) Feb 7, 2024
cyberthirst iFrostizz
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE... High Unreviewed
CVE-2023-43535 was published Feb 6, 2024
tiny-curl-8_4_0 , curl-8_4_0 and curl-8_5_0 were discovered to contain an off-by-one out-of... Moderate Unreviewed
CVE-2023-52071 was published Jan 30, 2024
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort... High Unreviewed
CVE-2023-39234 was published Jan 8, 2024
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort... High Unreviewed
CVE-2023-39235 was published Jan 8, 2024
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta... High Unreviewed
CVE-2023-35997 was published Jan 8, 2024
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta... High Unreviewed
CVE-2023-35995 was published Jan 8, 2024
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta... High Unreviewed
CVE-2023-35996 was published Jan 8, 2024
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta... High Unreviewed
CVE-2023-35994 was published Jan 8, 2024
Memory corruption in Kernel while parsing metadata. High Unreviewed
CVE-2023-33053 was published Dec 5, 2023
A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability... Moderate Unreviewed
CVE-2023-6298 was published Nov 27, 2023
An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles"... High Unreviewed
CVE-2023-35126 was published Oct 19, 2023
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. High Unreviewed
CVE-2023-24850 was published Oct 3, 2023
Memory corruption in WLAN handler while processing PhyID in Tx status handler. High Unreviewed
CVE-2023-28558 was published Sep 5, 2023
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. High Unreviewed
CVE-2023-28557 was published Sep 5, 2023
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. High Unreviewed
CVE-2023-28548 was published Sep 5, 2023
ProTip! Advisories are also available from the GraphQL API