GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
36 advisories
Filter by severity
JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index,...
Moderate
Unreviewed
CVE-2024-41565
was published
Aug 28, 2024
Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified...
Moderate
Unreviewed
CVE-2024-42698
was published
Aug 28, 2024
EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index,...
Moderate
Unreviewed
CVE-2024-41564
was published
Aug 28, 2024
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to...
Moderate
Unreviewed
CVE-2018-16648
was published
May 13, 2022
In the Linux kernel, the following vulnerability has been resolved:
clk: bcm: rpi: Assign ->num...
Moderate
Unreviewed
CVE-2024-39461
was published
Jun 25, 2024
In the Linux kernel, the following vulnerability has been resolved:
thermal/drivers...
Moderate
Unreviewed
CVE-2020-36776
was published
Feb 27, 2024
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in...
Moderate
Unreviewed
CVE-2023-33111
was published
Apr 1, 2024
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU...
Moderate
Unreviewed
CVE-2022-33289
was published
Apr 13, 2023
A Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI...
Moderate
Unreviewed
CVE-2023-51455
was published
Apr 2, 2024
Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in...
Moderate
Unreviewed
CVE-2024-29231
was published
Mar 28, 2024
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2,...
Moderate
Unreviewed
CVE-2007-5756
was published
May 1, 2022
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to...
Moderate
Unreviewed
CVE-2005-0369
was published
May 1, 2022
tiny-curl-8_4_0 , curl-8_4_0 and curl-8_5_0 were discovered to contain an off-by-one out-of...
Moderate
Unreviewed
CVE-2023-52071
was published
Jan 30, 2024
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x...
Moderate
Unreviewed
CVE-2022-42011
was published
Oct 10, 2022
A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability...
Moderate
Unreviewed
CVE-2023-6298
was published
Nov 27, 2023
In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate
Unreviewed
CVE-2023-20633
was published
Mar 7, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47343
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47346
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47347
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47344
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47345
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47342
was published
Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate
Unreviewed
CVE-2022-47348
was published
Feb 12, 2023
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local...
Moderate
Unreviewed
CVE-2016-7170
was published
May 13, 2022
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2...
Moderate
Unreviewed
CVE-2010-2806
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API