GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,311 advisories
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative...
High | Unreviewed | CVE-2023-45854 was published Sep 16, 2024

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code...
High | Unreviewed | CVE-2023-5869 was published Dec 10, 2023

Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound...
High | Unreviewed | CVE-2024-34121 was published Sep 13, 2024

An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex...
High | Unreviewed | CVE-2017-15587 was published May 14, 2022

Windows libarchive Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-43495 was published Sep 10, 2024

The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and...
High | Unreviewed | CVE-2023-22436 was published Mar 10, 2023

Memory corruption while calculating total metadata size when a very high reserved size is...
High | Unreviewed | CVE-2024-33035 was published Sep 2, 2024

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an...
High | Unreviewed | CVE-2024-45492 was published Aug 30, 2024

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer...
High | Unreviewed | CVE-2024-45491 was published Aug 30, 2024

In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in...
High | Unreviewed | CVE-2024-40994 was published Jul 12, 2024

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer...
High | Unreviewed | CVE-2024-41000 was published Jul 12, 2024

In _MMU_AllocLevel of mmu_common.c, there is a possible arbitrary code execution due to an...
High | Unreviewed | CVE-2024-31333 was published Aug 16, 2024

In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible...
High | Unreviewed | CVE-2024-34740 was published Aug 16, 2024

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or...
High | Unreviewed | CVE-2024-41851 was published Aug 14, 2024

Windows Graphics Component Remote Code Execution Vulnerability
High | Unreviewed | CVE-2023-21823 was published Feb 14, 2023

InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound...
High | Unreviewed | CVE-2024-41858 was published Aug 14, 2024

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38144 was published Aug 13, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-38128 was published Aug 13, 2024

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38215 was published Aug 13, 2024

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of...
High | Unreviewed | CVE-2024-33024 was published Aug 5, 2024

Memory corruption while allocating memory in HGSL driver.
High | Unreviewed | CVE-2024-33022 was published Aug 5, 2024

An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out...
High | Unreviewed | CVE-2023-37536 was published Oct 11, 2023

Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute...
High | Unreviewed | CVE-2007-6353 was published May 1, 2022

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent...
High | Unreviewed | CVE-2022-48837 was published Jul 16, 2024

In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer...
High | Unreviewed | CVE-2024-23695 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API