GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,804 advisories
Improper Input Validation vulnerability in Hitachi Energy MicroSCADA X SYS600 while reading a...
Moderate | Unreviewed | CVE-2022-1778 was published Sep 15, 2022

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct...
Moderate | Unreviewed | CVE-2024-27243 was published May 15, 2024

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the...
Moderate | Unreviewed | CVE-2023-28601 was published Jun 13, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated...
Moderate | Unreviewed | CVE-2023-35012 was published Jul 17, 2023

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the...
Moderate | Unreviewed | CVE-2023-40661 was published Nov 6, 2023

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker...
Moderate | Unreviewed | CVE-2023-2290 was published Jun 26, 2023

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote...
Moderate | Unreviewed | CVE-2018-16647 was published May 13, 2022

The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote...
Moderate | Unreviewed | CVE-2016-10221 was published May 17, 2022

In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers...
Moderate | Unreviewed | CVE-2018-6192 was published May 14, 2022

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in...
Moderate | Unreviewed | CVE-2023-52435 was published Feb 20, 2024

memory corruption when an invalid firehose patch command is invoked.
Moderate | Unreviewed | CVE-2024-33016 was published Sep 2, 2024

swftools v0.9.2 was discovered to contain a segmentation violation via the function state_free at...
Moderate | Unreviewed | CVE-2024-26335 was published Mar 5, 2024

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to...
Moderate | Unreviewed | CVE-2022-48940 was published Aug 22, 2024

Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to...
Moderate | Unreviewed | CVE-2023-31355 was published Aug 5, 2024

A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory...
Moderate | Unreviewed | CVE-2021-3407 was published May 24, 2022

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and...
Moderate | Unreviewed | CVE-2013-1675 was published May 17, 2022

A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously...
Moderate | Unreviewed | CVE-2023-1729 was published May 16, 2023

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft...
Moderate | Unreviewed | CVE-2013-3660 was published May 14, 2022

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix pages...
Moderate | Unreviewed | CVE-2021-47367 was published May 21, 2024

Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated...
Moderate | Unreviewed | CVE-2023-48368 was published May 16, 2024

Improper conditions check in some Intel(R) BIOS PPAM firmware may allow a privileged user to...
Moderate | Unreviewed | CVE-2023-28383 was published May 16, 2024

The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3,...
Moderate | Unreviewed | CVE-2024-27791 was published Apr 24, 2024

** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly...
Moderate | Unreviewed | CVE-2013-3245 was published May 17, 2022

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8...
Moderate | Unreviewed | CVE-2017-0022 was published May 17, 2022

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses...
Moderate | Unreviewed | CVE-2024-21482 was published Jul 1, 2024

ProTip! Advisories are also available from the GraphQL API.