Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,246
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

385 advisories

Loading
Buffer Copy without Checking Size of Input (CWE-120) in the Controller 6000 and Controller 7000... Moderate Unreviewed
CVE-2024-24972 was published Sep 11, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2023-51367 was published Sep 6, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2024-32763 was published Sep 6, 2024
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. Moderate Unreviewed
CVE-2023-46363 was published Nov 8, 2023
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via... Moderate Unreviewed
CVE-2024-33773 was published May 14, 2024
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4... Moderate Unreviewed
CVE-2024-6343 was published Sep 3, 2024
The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to... Moderate Unreviewed
CVE-2024-41176 was published Aug 27, 2024
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS,... Moderate Unreviewed
CVE-2024-33771 was published May 14, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent... Moderate Unreviewed
CVE-2024-41038 was published Jul 29, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return... Moderate Unreviewed
CVE-2024-42238 was published Aug 7, 2024
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC... Moderate Unreviewed
CVE-2023-50821 was published Apr 9, 2024
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password... Moderate Unreviewed
CVE-2024-37632 was published Jun 13, 2024
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. This... Moderate Unreviewed
CVE-2024-7217 was published Jul 30, 2024
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker... Moderate Unreviewed
CVE-2024-28576 was published Mar 20, 2024
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter()... Moderate Unreviewed
CVE-2024-29506 was published Jul 3, 2024
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker... Moderate Unreviewed
CVE-2024-28570 was published Mar 20, 2024
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The... Moderate Unreviewed
CVE-2024-25076 was published Jul 10, 2024
Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing... Moderate Unreviewed
CVE-2020-22628 was published Aug 22, 2023
Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number)... Moderate Unreviewed
CVE-2024-6564 was published Jul 8, 2024
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in... Moderate Unreviewed
CVE-2024-32228 was published Jul 1, 2024
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code... Moderate Unreviewed
CVE-2024-33454 was published May 14, 2024
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto:... Moderate Unreviewed
CVE-2024-33783 was published May 7, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information... Moderate Unreviewed
CVE-2021-34983 was published May 8, 2024
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto:... Moderate Unreviewed
CVE-2024-33780 was published May 7, 2024
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... Moderate Unreviewed
CVE-2024-31963 was published May 2, 2024
ProTip! Advisories are also available from the GraphQL API