GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91 advisories
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via...
Moderate | Unreviewed | CVE-2024-24246 was published Feb 29, 2024

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker...
Moderate | Unreviewed | CVE-2024-28572 was published Mar 20, 2024

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic...
Moderate | Unreviewed | CVE-2024-3024 was published Mar 28, 2024

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom...
Moderate | Unreviewed | CVE-2024-30806 was published Apr 2, 2024

A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This...
Moderate | Unreviewed | CVE-2024-3207 was published Apr 3, 2024

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects...
Moderate | Unreviewed | CVE-2024-3209 was published Apr 3, 2024

Secure Boot Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-26168 was published Apr 9, 2024

A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows...
Moderate | Unreviewed | CVE-2024-31036 was published Apr 23, 2024

An out-of-bounds write to heap in the pacparser library on Zscaler Client Connector on Mac may...
Moderate | Unreviewed | CVE-2023-28798 was published May 2, 2024

Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability....
Moderate | Unreviewed | CVE-2023-32157 was published May 3, 2024

Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec...
Moderate | Unreviewed | CVE-2024-34408 was published May 3, 2024

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0...
Moderate | Unreviewed | CVE-2024-34250 was published May 6, 2024

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB...
Moderate | Unreviewed | CVE-2024-3758 was published May 7, 2024

In multiple locations, there is a possible out of bounds write due to a heap buffer overflow....
Moderate | Unreviewed | CVE-2024-23709 was published May 7, 2024

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
Moderate | CVE-2024-30045 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) May 14, 2024

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct...
Moderate | Unreviewed | CVE-2024-27243 was published May 15, 2024

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos...
Moderate | Unreviewed | CVE-2024-27372 was published Jun 5, 2024

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos...
Moderate | Unreviewed | CVE-2024-27374 was published Jun 5, 2024

Winlogon Elevation of Privilege Vulnerability
Moderate | Unreviewed | CVE-2024-30066 was published Jun 11, 2024

Elasticsearch StackOverflow vulnerability
Moderate | CVE-2024-37280 was published for org.elasticsearch:elasticsearch (Maven) Jun 13, 2024

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote...
Moderate | Unreviewed | CVE-2024-29013 was published Jun 20, 2024

A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications,...
Moderate | Unreviewed | CVE-2024-23154 was published Jun 25, 2024

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application...
Moderate | Unreviewed | CVE-2024-38950 was published Jun 26, 2024

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application...
Moderate | Unreviewed | CVE-2024-38949 was published Jun 26, 2024

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of...
Moderate | Unreviewed | CVE-2024-39133 was published Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API