GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
385 advisories
A buffer copy without checking size of input vulnerability has been reported to affect several...
Moderate, Unreviewed, CVE-2024-32763 was published Sep 6, 2024
Buffer Copy without Checking Size of Input (CWE-120) in the Controller 6000 and Controller 7000...
Moderate, Unreviewed, CVE-2024-24972 was published Sep 11, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Moderate, Unreviewed, CVE-2023-51367 was published Sep 6, 2024
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512.
Moderate, Unreviewed, CVE-2023-46363 was published Nov 8, 2023
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via...
Moderate, Unreviewed, CVE-2024-33773 was published May 14, 2024
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4...
Moderate, Unreviewed, CVE-2024-6343 was published Sep 3, 2024
The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to...
Moderate, Unreviewed, CVE-2024-41176 was published Aug 27, 2024
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS,...
Moderate, Unreviewed, CVE-2024-33771 was published May 14, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent...
Moderate, Unreviewed, CVE-2024-41038 was published Jul 29, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return...
Moderate, Unreviewed, CVE-2024-42238 was published Aug 7, 2024
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC...
Moderate, Unreviewed, CVE-2023-50821 was published Apr 9, 2024
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password...
Moderate, Unreviewed, CVE-2024-37632 was published Jun 13, 2024
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. This...
Moderate, Unreviewed, CVE-2024-7217 was published Jul 30, 2024
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker...
Moderate, Unreviewed, CVE-2024-28576 was published Mar 20, 2024
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter()...
Moderate, Unreviewed, CVE-2024-29506 was published Jul 3, 2024
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker...
Moderate, Unreviewed, CVE-2024-28570 was published Mar 20, 2024
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The...
Moderate, Unreviewed, CVE-2024-25076 was published Jul 10, 2024
Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing...
Moderate, Unreviewed, CVE-2020-22628 was published Aug 22, 2023
Buffer overflow in "rcar_dev_init" due to using untrusted data (rcar_image_number)...
Moderate, Unreviewed, CVE-2024-6564 was published Jul 8, 2024
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in...
Moderate, Unreviewed, CVE-2024-32228 was published Jul 1, 2024
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code...
Moderate, Unreviewed, CVE-2024-33454 was published May 14, 2024
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto:...
Moderate, Unreviewed, CVE-2024-33783 was published May 7, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information...
Moderate, Unreviewed, CVE-2021-34983 was published May 8, 2024
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto:...
Moderate, Unreviewed, CVE-2024-33780 was published May 7, 2024
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,...
Moderate, Unreviewed, CVE-2024-31963 was published May 2, 2024
ProTip! Advisories are also available from the GraphQL API.