Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

487 advisories

Loading
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24093 was published Jan 28, 2025
An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and... Critical Unreviewed
CVE-2024-35532 was published Jan 7, 2025
In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a... Critical Unreviewed
CVE-2024-47039 was published Dec 18, 2024
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Critical Unreviewed
CVE-2024-54506 was published Dec 12, 2024
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect... Critical Unreviewed
CVE-2018-9430 was published Dec 3, 2024
FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8... Critical Unreviewed
CVE-2024-35367 was published Nov 29, 2024
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to... Critical Unreviewed
CVE-2017-17772 was published Nov 26, 2024
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the... Critical Unreviewed
CVE-2024-41721 was published Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite... Critical Unreviewed
CVE-2024-5991 was published Aug 27, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read.... Critical Unreviewed
CVE-2024-7522 was published Aug 6, 2024
Clipboard code failed to check the index on an array access. This could have lead to an out-of... Critical Unreviewed
CVE-2024-6606 was published Jul 9, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name... Critical Unreviewed
CVE-2024-37407 was published Jun 8, 2024
robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename... Critical Unreviewed
CVE-2024-24192 was published Jun 7, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length... Critical Unreviewed
CVE-2021-47274 was published May 21, 2024
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ... Critical Unreviewed
CVE-2024-32622 was published May 14, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page... Critical Unreviewed
CVE-2024-32286 was published Apr 17, 2024
Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in... Critical Unreviewed
CVE-2024-32301 was published Apr 17, 2024
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart... Critical Unreviewed
CVE-2024-22949 was published Apr 9, 2024
Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal... Critical Unreviewed
CVE-2024-23086 was published Apr 8, 2024
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can... Critical Unreviewed
CVE-2024-22004 was published Apr 5, 2024
Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker... Critical Unreviewed
CVE-2024-28515 was published Apr 3, 2024
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the time parameter from... Critical Unreviewed
CVE-2024-30630 was published Mar 29, 2024
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the... Critical Unreviewed
CVE-2024-30587 was published Mar 28, 2024
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the... Critical Unreviewed
CVE-2024-30596 was published Mar 28, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling... Critical Unreviewed
CVE-2024-29943 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database