Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,339 advisories

Loading
Memory corruption while calculating total metadata size when a very high reserved size is... High Unreviewed
CVE-2024-33035 was published Sep 2, 2024
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer... High Unreviewed
CVE-2024-45491 was published Aug 30, 2024
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an... High Unreviewed
CVE-2024-45492 was published Aug 30, 2024
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible... High Unreviewed
CVE-2024-34740 was published Aug 16, 2024
In _MMU_AllocLevel of mmu_common.c, there is a possible arbitrary code execution due to an... High Unreviewed
CVE-2024-31333 was published Aug 16, 2024
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or... High Unreviewed
CVE-2024-41851 was published Aug 14, 2024
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound... High Unreviewed
CVE-2024-41858 was published Aug 14, 2024
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38215 was published Aug 13, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38128 was published Aug 13, 2024
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38144 was published Aug 13, 2024
Memory corruption while allocating memory in HGSL driver. High Unreviewed
CVE-2024-33022 was published Aug 5, 2024
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of... High Unreviewed
CVE-2024-33024 was published Aug 5, 2024
In the Linux kernel, the following vulnerability has been resolved: cdrom: rearrange... High Unreviewed
CVE-2024-42136 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent... High Unreviewed
CVE-2022-48837 was published Jul 16, 2024
In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer... High Unreviewed
CVE-2024-41000 was published Jul 12, 2024
In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in... High Unreviewed
CVE-2024-40994 was published Jul 12, 2024
In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-23695 was published Jul 9, 2024
Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or... High Unreviewed
CVE-2024-34139 was published Jul 9, 2024
Windows Hyper-V Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38080 was published Jul 9, 2024
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38019 was published Jul 9, 2024
Windows Filtering Platform Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38034 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-37323 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-37336 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21428 was published Jul 9, 2024
An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of... High Unreviewed
CVE-2023-45742 was published Jul 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database