Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

86 advisories

Loading
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize... Low Unreviewed
CVE-2023-20513 was published Aug 13, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2024-45382 was published Oct 8, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted... Low Unreviewed
CVE-2024-8443 was published Sep 10, 2024
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows... Low Unreviewed
CVE-2023-2687 was published Jun 2, 2023
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel... Low Unreviewed
CVE-2022-41802 was published Dec 8, 2022
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can... Low Unreviewed
CVE-2022-38701 was published Sep 10, 2022
Dell iDRAC Service Module version 5.3.0.0 and prior contains Out of bound write Vulnerability. A... Low Unreviewed
CVE-2024-38489 was published Aug 1, 2024
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally... Low Unreviewed
CVE-2024-32855 was published Jun 25, 2024
Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before... Low Unreviewed
CVE-2023-47282 was published May 16, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a... Low Unreviewed
CVE-2024-4141 was published Apr 24, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in... Low Unreviewed
CVE-2024-3900 was published Apr 17, 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in... Low Unreviewed
CVE-2024-2971 was published Mar 27, 2024
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a... Low Unreviewed
CVE-2023-4016 was published Aug 2, 2023
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability... Low Unreviewed
CVE-2021-36054 was published May 24, 2022
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has... Low Unreviewed
CVE-2020-13398 was published May 24, 2022
Denial of service in Tendermint Low
CVE-2020-5303 was published for github.com/tendermint/tendermint (Go) May 27, 2021
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python... Low Unreviewed
CVE-2018-1000030 was published May 13, 2022
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer... Low Unreviewed
CVE-2019-18391 was published May 24, 2022
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on... Low Unreviewed
CVE-2010-1451 was published May 2, 2022
In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame... Low Unreviewed
CVE-2020-13361 was published May 24, 2022
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted... Low Unreviewed
CVE-2022-31699 was published Dec 13, 2022
Denial of Service via stack overflow Low
CVE-2022-40154 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
Denial of Service via stack overflow Low
CVE-2022-40155 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database