GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,029 advisories
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-38104 was published May 3, 2024

GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-37327 was published May 3, 2024

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an...
High | Unreviewed | CVE-2024-34402 was published May 3, 2024

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an...
Moderate | Unreviewed | CVE-2024-34403 was published May 3, 2024

A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c...
Critical | Unreviewed | CVE-2023-47212 was published May 1, 2024

An integer overflow or wraparound vulnerability has been reported to affect several QNAP...
Moderate | Unreviewed | CVE-2024-21905 was published Apr 26, 2024

An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3...
High | Unreviewed | CVE-2024-23531 was published Apr 19, 2024

An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a...
High | Unreviewed | CVE-2024-31031 was published Apr 17, 2024

Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound...
High | Unreviewed | CVE-2024-20795 was published Apr 11, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-28929 was published Apr 9, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-28931 was published Apr 9, 2024

Secure Boot Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-28923 was published Apr 9, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-28936 was published Apr 9, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-28942 was published Apr 9, 2024

Secure Boot Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-26171 was published Apr 9, 2024

An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to...
Low | Unreviewed | CVE-2024-31047 was published Apr 9, 2024

In battery, there is a possible escalation of privilege due to an integer overflow. This could...
Moderate | Unreviewed | CVE-2024-20046 was published Apr 1, 2024

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical | Unreviewed | CVE-2024-1917 was published Mar 15, 2024

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical | Unreviewed | CVE-2024-0803 was published Mar 15, 2024

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical | Unreviewed | CVE-2024-1916 was published Mar 15, 2024

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker...
Moderate | Unreviewed | CVE-2024-22396 was published Mar 14, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-21450 was published Mar 12, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-21441 was published Mar 12, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-21444 was published Mar 12, 2024

Memory corruption while processing a QMI request for allocating memory from a DHMS supported...
High | Unreviewed | CVE-2023-43550 was published Mar 4, 2024

ProTip! Advisories are also available from the GraphQL API.