GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
41 advisories
A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI...
Moderate | Unreviewed | CVE-2023-51455 was published | Apr 2, 2024

Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in...
Moderate | Unreviewed | CVE-2023-33111 was published | Apr 1, 2024

Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in...
Moderate | Unreviewed | CVE-2024-29231 was published | Mar 28, 2024

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers...
Moderate | Unreviewed | CVE-2020-36776 was published | Feb 27, 2024

Improper Validation of Array Index in github.com/greenpau/caddy-security
Moderate | CVE-2024-21493 was published for github.com/greenpau/caddy-security (Go) | Feb 17, 2024

tiny-curl-8_4_0, curl-8_4_0 and curl-8_5_0 were discovered to contain an off-by-one out-of...
Moderate | Unreviewed | CVE-2023-52071 was published | Jan 30, 2024

A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability...
Moderate | Unreviewed | CVE-2023-6298 was published | Nov 27, 2023

Index out of bounds leading to crash
Moderate | CVE-2023-36307 was published for simonwaldherr.de/go/zplgfa (Go) | Sep 5, 2023

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU...
Moderate | Unreviewed | CVE-2022-33289 was published | Apr 13, 2023

In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate | Unreviewed | CVE-2023-20633 was published | Mar 7, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47347 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47348 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47346 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47343 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47345 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47344 was published | Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47342 was published | Feb 12, 2023

Denial of Service in dhowden/tag
Moderate | CVE-2020-29242 was published for github.com/dhowden/tag (Go) | Feb 7, 2023

If array shift operations are not used, the Garbage Collector may have become confused about...
Moderate | Unreviewed | CVE-2022-31745 was published | Dec 22, 2022

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x...
Moderate | Unreviewed | CVE-2022-42011 was published | Oct 10, 2022

etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Moderate | CVE-2020-15112 was published for go.etcd.io/etcd/v3 (Go) | Oct 6, 2022

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high...
Moderate | Unreviewed | CVE-2022-31603 was published | Jul 5, 2022

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free...
Moderate | Unreviewed | CVE-2021-35121 was published | Jun 15, 2022

Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for...
Moderate | Unreviewed | CVE-2021-1117 was published | May 24, 2022

dhowden tag panic due to out-of-bounds read
Moderate | CVE-2020-29245 was published for github.com/dhowden/tag (Go) | May 24, 2022