GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,285
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,741
NuGet: 668
pip: 3,422
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
605 advisories
A potential security vulnerability has been identified for certain HP multifunction printers ...
Critical
Unreviewed
CVE-2023-1329 was published Jun 14, 2023
A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The...
Critical
Unreviewed
CVE-2024-12373 was published Dec 18, 2024
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary...
Critical
Unreviewed
CVE-2024-29646 was published Dec 18, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow.
Critical
Unreviewed
CVE-2024-52949 was published Dec 17, 2024
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-29671 was published Dec 17, 2024
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115...
Critical
Unreviewed
CVE-2024-28639 was published Mar 16, 2024
Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a...
Critical
Unreviewed
CVE-2024-48956 was published Dec 9, 2024
The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.
Critical
Unreviewed
CVE-2024-55564 was published Dec 9, 2024
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow...
Critical
Unreviewed
CVE-2022-23085 was published Feb 15, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-37863 was published Dec 6, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-37861 was published Dec 6, 2024
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer...
Critical
Unreviewed
CVE-2024-52533 was published Nov 12, 2024
Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an...
Critical
Unreviewed
CVE-2024-48406 was published Nov 29, 2024
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of...
Critical
Unreviewed
CVE-2024-35366 was published Nov 29, 2024
An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software...
Critical
Unreviewed
CVE-2024-48984 was published Nov 20, 2024
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in...
Critical
Unreviewed
CVE-2024-52759 was published Nov 19, 2024
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ...
Critical
Unreviewed
CVE-2024-52714 was published Nov 19, 2024
SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter.
Critical
Unreviewed
CVE-2024-25254 was published Nov 12, 2024
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for...
Critical
Unreviewed
CVE-2015-20111 was published Nov 18, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45970 was published Nov 15, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45971 was published Nov 15, 2024
The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm...
Critical
Unreviewed
CVE-2024-50667 was published Nov 11, 2024
S-Lang 2.3.2 was discovered to contain a segmentation fault via the function fixup_tgetstr().
Critical
Unreviewed
CVE-2023-45929 was published Mar 27, 2024
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of...
Critical
Unreviewed
CVE-2024-10467 was published Oct 29, 2024
robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename...
Critical
Unreviewed
CVE-2024-24192 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API.