GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
238 advisories
Filter by severity
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple...
High
Unreviewed
CVE-2023-41102
was published
Nov 17, 2023
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability
High
CVE-2023-5954
was published
for
github.com/hashicorp/vault
(Go)
Nov 9, 2023
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks...
High
Unreviewed
CVE-2023-44192
was published
Oct 13, 2023
MsQuic Remote Denial of Service Vulnerability
High
CVE-2023-36435
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server...
High
Unreviewed
CVE-2023-40534
was published
Oct 10, 2023
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will...
High
Unreviewed
CVE-2023-3592
was published
Oct 2, 2023
In canvas rendering, a compromised content process could have caused a surface to change...
High
Unreviewed
CVE-2023-5170
was published
Sep 27, 2023
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential...
High
Unreviewed
CVE-2023-5156
was published
Sep 25, 2023
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a...
High
Unreviewed
CVE-2023-41484
was published
Sep 20, 2023
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be...
High
Unreviewed
CVE-2023-28366
was published
Sep 1, 2023
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of...
High
Unreviewed
CVE-2023-4513
was published
Aug 24, 2023
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial...
High
Unreviewed
CVE-2022-48541
was published
Aug 22, 2023
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The...
High
Unreviewed
CVE-2023-32247
was published
Jul 24, 2023
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual...
High
Unreviewed
CVE-2023-29163
was published
Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially...
High
Unreviewed
CVE-2022-4139
was published
Jul 6, 2023
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller...
High
Unreviewed
CVE-2022-3577
was published
Jul 6, 2023
CometBFT may duplicate transactions in the mempool's data structures
High
CVE-2023-34451
was published
for
github.com/cometbft/cometbft
(Go)
Jul 5, 2023
mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp
High
Unreviewed
CVE-2023-33718
was published
May 31, 2023
Teeworlds v0.7.5 was discovered to contain memory leaks.
High
Unreviewed
CVE-2023-31517
was published
May 23, 2023
An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the...
High
Unreviewed
CVE-2021-31240
was published
May 9, 2023
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
High
Unreviewed
CVE-2023-21666
was published
May 2, 2023
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon...
High
Unreviewed
CVE-2023-28982
was published
Apr 18, 2023
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic...
High
Unreviewed
CVE-2023-30637
was published
Apr 14, 2023
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can...
High
Unreviewed
CVE-2023-24511
was published
Apr 12, 2023
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt...
High
Unreviewed
CVE-2023-26257
was published
Feb 27, 2023
ProTip!
Advisories are also available from the
GraphQL API