Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,399 advisories

Loading
Dulwich Buffer Overflow when handling pack files Critical
CVE-2015-0838 was published for dulwich (pip) May 17, 2022
Potential memory corruption in arrayfire Critical
CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021
westonsteimel
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of... Critical Unreviewed
CVE-2024-8387 was published Sep 3, 2024
aubio Buffer Overflow vulnerability Critical
CVE-2018-19800 was published for aubio (pip) Jul 26, 2019
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory... Critical Unreviewed
CVE-2024-8389 was published Sep 3, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45169 was published Aug 22, 2024
In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0... Critical Unreviewed
CVE-2021-31617 was published Feb 8, 2022
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to... Critical Unreviewed
CVE-2024-20082 was published Aug 14, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before.... Critical Unreviewed
CVE-2024-22080 was published Mar 20, 2024
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet... Critical Unreviewed
CVE-2017-7269 was published May 14, 2022
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By... Critical Unreviewed
CVE-2018-6789 was published May 13, 2022
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when... Critical Unreviewed
CVE-2016-10174 was published May 17, 2022
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a... Critical Unreviewed
CVE-2017-12240 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP... Critical Unreviewed
CVE-2021-47348 was published May 21, 2024
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service Critical
CVE-2020-25614 was published for github.com/antchfx/xmlquery (Go) Oct 7, 2022
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix)... Critical Unreviewed
CVE-2017-7938 was published May 17, 2022
A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead... Critical Unreviewed
CVE-2021-30498 was published May 24, 2022
A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to... Critical Unreviewed
CVE-2021-30499 was published May 24, 2022
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Critical Unreviewed
CVE-2023-28581 was published Sep 5, 2023
SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is... Critical Unreviewed
CVE-2018-20817 was published May 24, 2022
IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable... Critical Unreviewed
CVE-2024-25029 was published Apr 6, 2024
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow... Critical Unreviewed
CVE-2021-33797 was published Apr 18, 2023
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send... Critical Unreviewed
CVE-2023-4494 was published Oct 4, 2023
Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of... Critical Unreviewed
CVE-2023-4491 was published Oct 4, 2023
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... Critical Unreviewed
CVE-2023-44023 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API