Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... Critical Unreviewed
CVE-2022-35712 was published Oct 15, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... Critical Unreviewed
CVE-2022-35711 was published Oct 15, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Critical Unreviewed
CVE-2022-3520 was published Dec 2, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. Critical Unreviewed
CVE-2022-3491 was published Dec 3, 2022
A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of... Critical Unreviewed
CVE-2022-41794 was published Dec 23, 2022
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO... Critical Unreviewed
CVE-2022-41838 was published Dec 23, 2022
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in... Critical Unreviewed
CVE-2022-41639 was published Dec 23, 2022
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer... Critical Unreviewed
CVE-2023-23582 was published Jan 31, 2023
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation Critical
CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-43634 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-2848 was published Mar 29, 2023
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers... Critical Unreviewed
CVE-2023-0851 was published May 11, 2023
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office... Critical Unreviewed
CVE-2023-0854 was published May 11, 2023
netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A... Critical Unreviewed
CVE-2023-28753 was published May 19, 2023
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version... Critical Unreviewed
CVE-2023-27997 was published Jun 13, 2023
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of... Critical Unreviewed
CVE-2022-48512 was published Jul 6, 2023
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting... Critical Unreviewed
CVE-2023-3463 was published Jul 19, 2023
Heap-based buffer overflow in ZBar Critical
CVE-2023-40889 was published for zbar (pip) Aug 29, 2023
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality... Critical Unreviewed
CVE-2023-27882 was published Nov 14, 2023
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston... Critical Unreviewed
CVE-2023-25181 was published Nov 14, 2023
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which... Critical Unreviewed
CVE-2023-47455 was published Nov 14, 2023
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used... Critical Unreviewed
CVE-2023-29073 was published Nov 23, 2023
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the... Critical Unreviewed
CVE-2023-5908 was published Dec 1, 2023
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep... Critical Unreviewed
CVE-2023-5841 was published Feb 1, 2024
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer... Critical Unreviewed
CVE-2022-23086 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database