GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,277
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
238 advisories
Filter by severity
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The...
High
Unreviewed
CVE-2023-32247
was published
Jul 24, 2023
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial...
High
Unreviewed
CVE-2022-48541
was published
Aug 22, 2023
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of...
High
Unreviewed
CVE-2023-4513
was published
Aug 24, 2023
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be...
High
Unreviewed
CVE-2023-28366
was published
Sep 1, 2023
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a...
High
Unreviewed
CVE-2023-41484
was published
Sep 20, 2023
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential...
High
Unreviewed
CVE-2023-5156
was published
Sep 25, 2023
In canvas rendering, a compromised content process could have caused a surface to change...
High
Unreviewed
CVE-2023-5170
was published
Sep 27, 2023
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will...
High
Unreviewed
CVE-2023-3592
was published
Oct 2, 2023
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server...
High
Unreviewed
CVE-2023-40534
was published
Oct 10, 2023
MsQuic Remote Denial of Service Vulnerability
High
CVE-2023-36435
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks...
High
Unreviewed
CVE-2023-44192
was published
Oct 13, 2023
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability
High
CVE-2023-5954
was published
for
github.com/hashicorp/vault
(Go)
Nov 9, 2023
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple...
High
Unreviewed
CVE-2023-41102
was published
Nov 17, 2023
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes...
High
Unreviewed
CVE-2023-48090
was published
Nov 20, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions...
High
Unreviewed
CVE-2023-38380
was published
Dec 12, 2023
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version...
High
Unreviewed
CVE-2023-0248
was published
Dec 14, 2023
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol...
High
Unreviewed
CVE-2024-21611
was published
Jan 12, 2024
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in...
High
Unreviewed
CVE-2024-22563
was published
Jan 19, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the...
High
Unreviewed
CVE-2024-24259
was published
Feb 5, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the...
High
Unreviewed
CVE-2024-24258
was published
Feb 5, 2024
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the...
High
Unreviewed
CVE-2024-24267
was published
Feb 5, 2024
gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the...
High
Unreviewed
CVE-2024-24265
was published
Feb 5, 2024
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.
High
Unreviewed
CVE-2023-33049
was published
Feb 6, 2024
libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp.
High
Unreviewed
CVE-2024-27507
was published
Feb 27, 2024
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c.
High
Unreviewed
CVE-2024-27508
was published
Feb 27, 2024
ProTip!
Advisories are also available from the
GraphQL API