GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,495 advisories
Malicious software running in a guest VM can exploit the buffer overflow to achieve code...
High | Unreviewed | CVE-2024-41928 was published Sep 5, 2024
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and...
Moderate | Unreviewed | CVE-2024-20505 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds...
High | Unreviewed | CVE-2024-44993 was published Sep 4, 2024
Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR.
Moderate | Unreviewed | CVE-2024-34658 was published Sep 4, 2024
Transient DOS while parsing the multi-link element Control field when common information length...
High | Unreviewed | CVE-2024-33057 was published Sep 2, 2024
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length...
High | Unreviewed | CVE-2024-33050 was published Sep 2, 2024
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
High | Unreviewed | CVE-2024-33051 was published Sep 2, 2024
Memory corruption when the captureRead QDCM command is invoked from user-space.
High | Unreviewed | CVE-2024-33047 was published Sep 2, 2024
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
High | Unreviewed | CVE-2024-33048 was published Sep 2, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
Moderate | Unreviewed | CVE-2024-38382 was published Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through...
Moderate | Unreviewed | CVE-2024-39775 was published Sep 2, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
Moderate | Unreviewed | CVE-2024-39612 was published Sep 2, 2024
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2024-20088 was published Sep 2, 2024
In power, there is a possible out of bounds read due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2024-20084 was published Sep 2, 2024
In power, there is a possible out of bounds read due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2024-20085 was published Sep 2, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a...
Low | Unreviewed | CVE-2024-0109 was published Aug 31, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite...
Critical | Unreviewed | CVE-2024-5991 was published Aug 27, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-38210 was published Aug 23, 2024
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of...
Moderate | Unreviewed | CVE-2022-48929 was published Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out...
Moderate | Unreviewed | CVE-2022-48932 was published Aug 22, 2024
Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote...
High | Unreviewed | CVE-2024-7966 was published Aug 21, 2024
In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni...
High | Unreviewed | CVE-2022-48871 was published Aug 21, 2024
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might...
Moderate | Unreviewed | CVE-2024-7347 was published Aug 14, 2024
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
High | Unreviewed | CVE-2024-39426 was published Aug 14, 2024
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
Moderate | Unreviewed | CVE-2024-41833 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API