GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
66 advisories
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting...
Critical, Unreviewed. CVE-2023-3463 was published Jul 19, 2023

Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of...
Critical, Unreviewed. CVE-2022-48512 was published Jul 6, 2023

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version...
Critical, Unreviewed. CVE-2023-27997 was published Jun 13, 2023

netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A...
Critical, Unreviewed. CVE-2023-28753 was published May 19, 2023

Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office...
Critical, Unreviewed. CVE-2023-0854 was published May 11, 2023

Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers...
Critical, Unreviewed. CVE-2023-0851 was published May 11, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical, Unreviewed. CVE-2022-2848 was published Mar 29, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical, Unreviewed. CVE-2022-43634 was published Mar 29, 2023

TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
Critical. CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer...
Critical, Unreviewed. CVE-2023-23582 was published Jan 31, 2023

A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO...
Critical, Unreviewed. CVE-2022-41838 was published Dec 23, 2022

A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in...
Critical, Unreviewed. CVE-2022-41639 was published Dec 23, 2022

A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of...
Critical, Unreviewed. CVE-2022-41794 was published Dec 23, 2022

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
Critical, Unreviewed. CVE-2022-3491 was published Dec 3, 2022

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
Critical, Unreviewed. CVE-2022-3520 was published Dec 2, 2022

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a...
Critical, Unreviewed. CVE-2022-35712 was published Oct 15, 2022

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a...
Critical, Unreviewed. CVE-2022-35711 was published Oct 15, 2022

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ...
Critical, Unreviewed. CVE-2022-34819 was published Jul 13, 2022

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Critical, Unreviewed. CVE-2022-2207 was published Jun 28, 2022

libmysofa is vulnerable to Heap-based Buffer Overflow
Critical, Unreviewed. CVE-2021-3756 was published May 24, 2022

Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which...
Critical, Unreviewed. CVE-2021-33023 was published May 24, 2022

Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06
Critical, Unreviewed. CVE-2021-32959 was published May 24, 2022

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201...
Critical, Unreviewed. CVE-2021-25668 was published May 24, 2022

xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character...
Critical, Unreviewed. CVE-2020-1917 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ...
Critical, Unreviewed. CVE-2020-25226 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API