Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

242 advisories

Loading
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol... High Unreviewed
CVE-2024-21611 was published Jan 12, 2024
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version... High Unreviewed
CVE-2023-0248 was published Dec 14, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions... High Unreviewed
CVE-2023-38380 was published Dec 12, 2023
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes... High Unreviewed
CVE-2023-48090 was published Nov 20, 2023
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple... High Unreviewed
CVE-2023-41102 was published Nov 17, 2023
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability High
CVE-2023-5954 was published for github.com/hashicorp/vault (Go) Nov 9, 2023
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks... High Unreviewed
CVE-2023-44192 was published Oct 13, 2023
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server... High Unreviewed
CVE-2023-40534 was published Oct 10, 2023
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will... High Unreviewed
CVE-2023-3592 was published Oct 2, 2023
In canvas rendering, a compromised content process could have caused a surface to change... High Unreviewed
CVE-2023-5170 was published Sep 27, 2023
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential... High Unreviewed
CVE-2023-5156 was published Sep 25, 2023
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a... High Unreviewed
CVE-2023-41484 was published Sep 20, 2023
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be... High Unreviewed
CVE-2023-28366 was published Sep 1, 2023
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4513 was published Aug 24, 2023
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial... High Unreviewed
CVE-2022-48541 was published Aug 22, 2023
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The... High Unreviewed
CVE-2023-32247 was published Jul 24, 2023
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual... High Unreviewed
CVE-2023-29163 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller... High Unreviewed
CVE-2022-3577 was published Jul 6, 2023
CometBFT may duplicate transactions in the mempool's data structures High
CVE-2023-34451 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
otrack
mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp High Unreviewed
CVE-2023-33718 was published May 31, 2023
Teeworlds v0.7.5 was discovered to contain memory leaks. High Unreviewed
CVE-2023-31517 was published May 23, 2023
An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the... High Unreviewed
CVE-2021-31240 was published May 9, 2023
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. High Unreviewed
CVE-2023-21666 was published May 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database