GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,840 advisories
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in...
Critical, Unreviewed. CVE-2023-50985 was published Dec 21, 2023.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the...
Critical, Unreviewed. CVE-2023-50984 was published Dec 21, 2023.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the...
Critical, Unreviewed. CVE-2023-50987 was published Dec 21, 2023.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter...
Critical, Unreviewed. CVE-2023-50990 was published Dec 21, 2023.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the...
Critical, Unreviewed. CVE-2023-50986 was published Dec 21, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46223 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46224 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46259 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46225 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46222 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46257 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46261 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46221 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46220 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46258 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-41727 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46217 was published Dec 19, 2023.
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory...
Critical, Unreviewed. CVE-2023-46216 was published Dec 19, 2023.
In MicroHttpServer (aka Micro HTTP Server) through 4398570, _ReadStaticFiles in lib/middleware.c...
Critical, Unreviewed. CVE-2023-50965 was published Dec 17, 2023.
The handler of the retrofit validation command doesn't properly check the boundaries when...
Critical, Unreviewed. CVE-2023-33219 was published Dec 15, 2023.
During the retrofit validation process, the firmware doesn't properly check the boundaries...
Critical, Unreviewed. CVE-2023-33220 was published Dec 15, 2023.
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack...
Critical, Unreviewed. CVE-2023-33218 was published Dec 15, 2023.
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
Critical, Unreviewed. CVE-2023-49417 was published Dec 11, 2023.
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setIpPortFilterRules.
Critical, Unreviewed. CVE-2023-49418 was published Dec 11, 2023.
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows...
Critical, Unreviewed. CVE-2023-46932 was published Dec 9, 2023.
ProTip! Advisories are also available from the GraphQL API.