Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

238 advisories

Loading
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation... High Unreviewed
CVE-2024-8376 was published Oct 11, 2024
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
Pyopenssl Incorrect Memory Management High
CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-47493 was published Oct 11, 2024
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software... High Unreviewed
CVE-2024-20304 was published Sep 11, 2024
ic-cdk has a memory leak when calling a canister method via `ic_cdk::call` High
CVE-2024-7884 was published for ic_cdk (Rust) Sep 5, 2024
adamspofford-dfinity
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and... High Unreviewed
CVE-2024-44964 was published Sep 4, 2024
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. High Unreviewed
CVE-2024-27508 was published Feb 27, 2024
libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp. High Unreviewed
CVE-2024-27507 was published Feb 27, 2024
A memory leak issue discovered in parseSWF_FREECHARACTER in libming v0.4.8 allows attackers to... High Unreviewed
CVE-2024-24148 was published Feb 28, 2024
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The... High Unreviewed
CVE-2023-32247 was published Jul 24, 2023
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in... High Unreviewed
CVE-2021-28665 was published May 24, 2022
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of... High Unreviewed
CVE-2024-39550 was published Jul 11, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon ... High Unreviewed
CVE-2024-39549 was published Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak... High Unreviewed
CVE-2022-48855 was published Jul 16, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple... High Unreviewed
CVE-2023-41102 was published Nov 17, 2023
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. High Unreviewed
CVE-2022-43272 was published Dec 2, 2022
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all... High Unreviewed
CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for... High Unreviewed
CVE-2021-41687 was published Jun 29, 2022
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt... High Unreviewed
CVE-2023-26257 was published Feb 27, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions... High Unreviewed
CVE-2023-38380 was published Dec 12, 2023
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All... High Unreviewed
CVE-2022-38371 was published Oct 11, 2022
Transient DOS while processing IE fragments from server during DTLS handshake. High Unreviewed
CVE-2023-33084 was published Mar 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database