Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS... Moderate Unreviewed
CVE-2022-39068 was published Sep 18, 2024
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is... Moderate Unreviewed
CVE-2024-8946 was published Sep 17, 2024
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2024-8948 was published Sep 17, 2024
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows... Moderate Unreviewed
CVE-2024-40754 was published Sep 10, 2024
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow... Moderate Unreviewed
CVE-2024-42436 was published Aug 14, 2024
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow... Moderate Unreviewed
CVE-2024-42437 was published Aug 14, 2024
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow... Moderate Unreviewed
CVE-2024-42438 was published Aug 14, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-38161 was published Aug 13, 2024
A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file... Moderate Unreviewed
CVE-2024-43168 was published Aug 12, 2024
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects... Moderate Unreviewed
CVE-2024-7272 was published Aug 12, 2024
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects... Moderate Unreviewed
CVE-2024-7055 was published Aug 6, 2024
A heap buffer overflow in the function png_quantize() of hicolor v0.5.0 allows attackers to cause... Moderate Unreviewed
CVE-2024-41440 was published Jul 30, 2024
A heap buffer overflow in the function cp_stored() (/vendor/cute_png.h) of hicolor v0.5.0 allows... Moderate Unreviewed
CVE-2024-41438 was published Jul 30, 2024
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows... Moderate Unreviewed
CVE-2024-32671 was published Jul 29, 2024
Secure Boot Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-38065 was published Jul 9, 2024
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where... Moderate Unreviewed
CVE-2024-6383 was published Jul 4, 2024
Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of... Moderate Unreviewed
CVE-2024-39133 was published Jun 27, 2024
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application... Moderate Unreviewed
CVE-2024-38950 was published Jun 26, 2024
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application... Moderate Unreviewed
CVE-2024-38949 was published Jun 26, 2024
A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications,... Moderate Unreviewed
CVE-2024-23154 was published Jun 25, 2024
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote... Moderate Unreviewed
CVE-2024-29013 was published Jun 20, 2024
Elasticsearch StackOverflow vulnerability Moderate
CVE-2024-37280 was published for org.elasticsearch:elasticsearch (Maven) Jun 13, 2024
Winlogon Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-30066 was published Jun 11, 2024
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos... Moderate Unreviewed
CVE-2024-27374 was published Jun 5, 2024
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos... Moderate Unreviewed
CVE-2024-27372 was published Jun 5, 2024
ProTip! Advisories are also available from the GraphQL API