Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,475 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: assert requested... High Unreviewed
CVE-2023-52507 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt... High Unreviewed
CVE-2023-52501 was published Mar 3, 2024
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the... High Unreviewed
CVE-2024-45558 was published Jan 6, 2025
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. High Unreviewed
CVE-2024-45546 was published Jan 6, 2025
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL... High Unreviewed
CVE-2024-45548 was published Jan 6, 2025
Memory corruption while processing buffer initialization, when trusted report for certain report... High Unreviewed
CVE-2023-33115 was published Apr 1, 2024
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below,... High Unreviewed
CVE-2024-46670 was published Jan 14, 2025
An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... High Unreviewed
CVE-2024-13169 was published Jan 14, 2025
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied... High Unreviewed
CVE-2024-38560 was published Jun 19, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of... High Unreviewed
CVE-2021-47191 was published Apr 10, 2024
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. High Unreviewed
CVE-2024-21477 was published May 6, 2024
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix... High Unreviewed
CVE-2021-47083 was published Mar 4, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds... High Unreviewed
CVE-2024-56627 was published Dec 27, 2024
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker... High Unreviewed
CVE-2025-0437 was published Jan 15, 2025
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. High Unreviewed
CVE-2023-0049 was published Jan 4, 2023
In multiple locations, there is a possible way to read protected files due to a missing... High Unreviewed
CVE-2018-9464 was published Jan 18, 2025
In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files... High Unreviewed
CVE-2018-9461 was published Jan 18, 2025
In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an... High Unreviewed
CVE-2018-9387 was published Jan 18, 2025
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active... High Unreviewed
CVE-2011-3406 was published May 13, 2022
The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit... High Unreviewed
CVE-2024-24417 was published Jan 22, 2025
Information disclosure in Video while parsing mp2 clip with invalid section length. High Unreviewed
CVE-2023-43555 was published Jun 3, 2024
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux,... High Unreviewed
CVE-2017-5030 was published Apr 30, 2022
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome... High Unreviewed
CVE-2016-1646 was published May 14, 2022
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840... High Unreviewed
CVE-2016-5198 was published May 14, 2022
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force... High Unreviewed
CVE-2024-7670 was published Sep 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database