GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
479 advisories
Filter by severity
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the...
Critical
Unreviewed
CVE-2024-41721
was published
Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite...
Critical
Unreviewed
CVE-2024-5991
was published
Aug 27, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read....
Critical
Unreviewed
CVE-2024-7522
was published
Aug 6, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name...
Critical
Unreviewed
CVE-2024-37407
was published
Jun 8, 2024
robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename...
Critical
Unreviewed
CVE-2024-24192
was published
Jun 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
tracing: Correct the length...
Critical
Unreviewed
CVE-2021-47274
was published
May 21, 2024
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ...
Critical
Unreviewed
CVE-2024-32622
was published
May 14, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page...
Critical
Unreviewed
CVE-2024-32286
was published
Apr 17, 2024
Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in...
Critical
Unreviewed
CVE-2024-32301
was published
Apr 17, 2024
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart...
Critical
Unreviewed
CVE-2024-22949
was published
Apr 9, 2024
Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal...
Critical
Unreviewed
CVE-2024-23086
was published
Apr 8, 2024
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical
Unreviewed
CVE-2024-22004
was published
Apr 5, 2024
Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker...
Critical
Unreviewed
CVE-2024-28515
was published
Apr 3, 2024
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the time parameter from...
Critical
Unreviewed
CVE-2024-30630
was published
Mar 29, 2024
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the...
Critical
Unreviewed
CVE-2024-30587
was published
Mar 28, 2024
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the...
Critical
Unreviewed
CVE-2024-30596
was published
Mar 28, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling...
Critical
Unreviewed
CVE-2024-29943
was published
Mar 22, 2024
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of...
Critical
Unreviewed
CVE-2024-28537
was published
Mar 18, 2024
Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially...
Critical
Unreviewed
CVE-2024-0794
was published
Feb 20, 2024
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that...
Critical
Unreviewed
CVE-2022-48623
was published
Feb 13, 2024
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through...
Critical
Unreviewed
CVE-2021-42147
was published
Jan 24, 2024
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows...
Critical
Unreviewed
CVE-2021-42144
was published
Jan 24, 2024
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko...
Critical
Unreviewed
CVE-2023-4280
was published
Jan 2, 2024
An unvalidated input in a library function responsible for communicating between secure and non...
Critical
Unreviewed
CVE-2023-4020
was published
Dec 15, 2023
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by...
Critical
Unreviewed
CVE-2023-47456
was published
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API