Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2024-45382 was published Oct 8, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted... Low Unreviewed
CVE-2024-8443 was published Sep 10, 2024
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize... Low Unreviewed
CVE-2023-20513 was published Aug 13, 2024
Dell iDRAC Service Module version 5.3.0.0 and prior contains Out of bound write Vulnerability. A... Low Unreviewed
CVE-2024-38489 was published Aug 1, 2024
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally... Low Unreviewed
CVE-2024-32855 was published Jun 25, 2024
Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before... Low Unreviewed
CVE-2023-47282 was published May 16, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a... Low Unreviewed
CVE-2024-4141 was published Apr 24, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in... Low Unreviewed
CVE-2024-3900 was published Apr 17, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in... Low Unreviewed
CVE-2024-2971 was published Mar 27, 2024
wasmtime_trap_code C API function has out of bounds write vulnerability Low
CVE-2022-39394 was published for wasmtime (Rust) Feb 1, 2024
kpreisser
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a... Low Unreviewed
CVE-2023-4016 was published Aug 2, 2023
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows... Low Unreviewed
CVE-2023-2687 was published Jun 2, 2023
In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a... Low Unreviewed
CVE-2022-20526 was published Dec 20, 2022
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted... Low Unreviewed
CVE-2022-31699 was published Dec 13, 2022
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel... Low Unreviewed
CVE-2022-41802 was published Dec 8, 2022
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the... Low Unreviewed
CVE-2022-41595 was published Oct 14, 2022
Denial of Service via stack overflow Low
CVE-2022-40155 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
Denial of Service via stack overflow Low
CVE-2022-40154 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can... Low Unreviewed
CVE-2022-38701 was published Sep 10, 2022
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. Low Unreviewed
CVE-2022-2061 was published Jun 14, 2022
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability... Low Unreviewed
CVE-2021-36054 was published May 24, 2022
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may... Low Unreviewed
CVE-2021-34397 was published May 24, 2022
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier)... Low Unreviewed
CVE-2021-21046 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database