GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
1,399 advisories
Dulwich Buffer Overflow when handling pack files
Critical. CVE-2015-0838 was published for dulwich (pip) May 17, 2022.

Potential memory corruption in arrayfire
Critical. CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021.

Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of...
Critical, Unreviewed. CVE-2024-8387 was published Sep 3, 2024.

aubio Buffer Overflow vulnerability
Critical. CVE-2018-19800 was published for aubio (pip) Jul 26, 2019.

Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory...
Critical, Unreviewed. CVE-2024-8389 was published Sep 3, 2024.

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input...
Critical, Unreviewed. CVE-2024-45169 was published Aug 22, 2024.

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0...
Critical, Unreviewed. CVE-2021-31617 was published Feb 8, 2022.

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to...
Critical, Unreviewed. CVE-2024-20082 was published Aug 14, 2024.

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before....
Critical, Unreviewed. CVE-2024-22080 was published Mar 20, 2024.

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet...
Critical, Unreviewed. CVE-2017-7269 was published May 14, 2022.

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By...
Critical, Unreviewed. CVE-2018-6789 was published May 13, 2022.

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when...
Critical, Unreviewed. CVE-2016-10174 was published May 17, 2022.

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a...
Critical, Unreviewed. CVE-2017-12240 was published May 13, 2022.

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP...
Critical, Unreviewed. CVE-2021-47348 was published May 21, 2024.

xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service
Critical. CVE-2020-25614 was published for github.com/antchfx/xmlquery (Go) Oct 7, 2022.

Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix)...
Critical, Unreviewed. CVE-2017-7938 was published May 17, 2022.

A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead...
Critical, Unreviewed. CVE-2021-30498 was published May 24, 2022.

A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to...
Critical, Unreviewed. CVE-2021-30499 was published May 24, 2022.

Memory corruption in WLAN Firmware while parsing received GTK Keys in GTK KDE.
Critical, Unreviewed. CVE-2023-28581 was published Sep 5, 2023.

SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is...
Critical, Unreviewed. CVE-2018-20817 was published May 24, 2022.

IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable...
Critical, Unreviewed. CVE-2024-25029 was published Apr 6, 2024.

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow...
Critical, Unreviewed. CVE-2021-33797 was published Apr 18, 2023.

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send...
Critical, Unreviewed. CVE-2023-4494 was published Oct 4, 2023.

Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of...
Critical, Unreviewed. CVE-2023-4491 was published Oct 4, 2023.

Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack...
Critical, Unreviewed. CVE-2023-44023 was published Sep 27, 2023.