Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,840 advisories

Loading
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in... Critical Unreviewed
CVE-2023-50985 was published Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the... Critical Unreviewed
CVE-2023-50984 was published Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the... Critical Unreviewed
CVE-2023-50987 was published Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter... Critical Unreviewed
CVE-2023-50990 was published Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the... Critical Unreviewed
CVE-2023-50986 was published Dec 21, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46223 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46224 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46259 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46225 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46222 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46257 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46261 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46221 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46220 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46258 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-41727 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46217 was published Dec 19, 2023
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory... Critical Unreviewed
CVE-2023-46216 was published Dec 19, 2023
In MicroHttpServer (aka Micro HTTP Server) through 4398570, _ReadStaticFiles in lib/middleware.c... Critical Unreviewed
CVE-2023-50965 was published Dec 17, 2023
The handler of the retrofit validation command doesn't properly check the boundaries when... Critical Unreviewed
CVE-2023-33219 was published Dec 15, 2023
During the retrofit validation process, the firmware doesn't properly check the boundaries... Critical Unreviewed
CVE-2023-33220 was published Dec 15, 2023
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack... Critical Unreviewed
CVE-2023-33218 was published Dec 15, 2023
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg. Critical Unreviewed
CVE-2023-49417 was published Dec 11, 2023
TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules. Critical Unreviewed
CVE-2023-49418 was published Dec 11, 2023
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows... Critical Unreviewed
CVE-2023-46932 was published Dec 9, 2023
ProTip! Advisories are also available from the GraphQL API