GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,163
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,098
Maven 5,270
npm 3,762
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,834

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

89 advisories

Filter by severity

Sort by

Least recently updated

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed

CVE-2023-20708 was published May 16, 2023

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed

CVE-2023-20709 was published May 16, 2023

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to... Moderate Unreviewed

CVE-2023-20704 was published May 16, 2023

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed

CVE-2023-20707 was published May 16, 2023

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed

CVE-2023-20710 was published May 16, 2023

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to... Moderate Unreviewed

CVE-2023-20705 was published May 16, 2023

In m4u, there is a possible out of bounds write due to improper input validation. This could lead... Moderate Unreviewed

CVE-2023-20722 was published May 16, 2023

** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitizing non-printable... Moderate Unreviewed

CVE-2009-4488 was published May 2, 2022

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3... High Unreviewed

CVE-2008-2374 was published May 1, 2022

An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via... High Unreviewed

CVE-2022-47029 was published May 30, 2023

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated... Low Unreviewed

CVE-2022-46143 was published Dec 13, 2022

In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user... Moderate Unreviewed

CVE-2024-56716 was published Dec 29, 2024

Due to URL previews in the network panel of developer tools improperly storing URLs, query... High Unreviewed

CVE-2023-25731 was published Jun 2, 2023

An issue in the 690b33e1-0462-4e84-9bea-c7552b45432a.sys component of Asus GPU Tweak II Program... High Unreviewed

CVE-2024-55410 was published Jan 7, 2025

An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers... High Unreviewed

CVE-2024-55407 was published Jan 6, 2025

In Modem, there is a possible system crash due to improper input validation. This could lead to... High Unreviewed

CVE-2024-20149 was published Jan 6, 2025

In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. High Unreviewed

CVE-2024-1610 was published Dec 18, 2024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. High Unreviewed

CVE-2024-1714 was published Feb 21, 2024

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling... Moderate Unreviewed

CVE-2024-8508 was published Oct 3, 2024

IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or... Moderate Unreviewed

CVE-2024-52901 was published Dec 12, 2024

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280,... High Unreviewed

CVE-2024-39343 was published Dec 2, 2024

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. High Unreviewed

CVE-2023-34188 was published Jun 23, 2023

Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet... High Unreviewed

CVE-2024-47257 was published Nov 26, 2024

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote... Moderate Unreviewed

CVE-2024-9369 was published Nov 27, 2024

A memory corruption vulnerability exists in the affected products when parsing DFT files. Local... High Unreviewed

CVE-2024-6068 was published Nov 14, 2024

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

89 advisories