Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95 advisories

Loading
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is... Moderate Unreviewed
CVE-2022-1244 was published Apr 6, 2022
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is... Moderate Unreviewed
CVE-2020-27845 was published May 24, 2022
There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker... Moderate Unreviewed
CVE-2020-27841 was published May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),... Moderate Unreviewed
CVE-2020-7586 was published May 24, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-0714 was published Feb 23, 2022
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service... Moderate Unreviewed
CVE-2020-27829 was published May 24, 2022
vim is vulnerable to Heap-based Buffer Overflow Moderate Unreviewed
CVE-2022-0158 was published Jan 11, 2022
A heap-based buffer overflow flaw was found in the Fribidi package and affects the... Moderate Unreviewed
CVE-2022-25309 was published Sep 7, 2022
A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability... Moderate Unreviewed
CVE-2023-1010 was published Feb 24, 2023
A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected... Moderate Unreviewed
CVE-2023-1570 was published Mar 22, 2023
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA... Moderate Unreviewed
CVE-2023-20081 was published Mar 23, 2023
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5... Moderate Unreviewed
CVE-2022-1052 was published Mar 25, 2022
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability... Moderate Unreviewed
CVE-2021-36056 was published May 24, 2022
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. Moderate Unreviewed
CVE-2023-4682 was published Aug 31, 2023
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the... Moderate Unreviewed
CVE-2023-2241 was published Apr 22, 2023
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. Moderate Unreviewed
CVE-2023-3291 was published Jun 16, 2023
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Moderate Unreviewed
CVE-2023-5686 was published Oct 20, 2023
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Moderate Unreviewed
CVE-2023-5344 was published Oct 2, 2023
IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow,... Moderate Unreviewed
CVE-2023-28526 was published Dec 9, 2023
IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused... Moderate Unreviewed
CVE-2023-28527 was published Dec 9, 2023
When reading DesFire keys, the function that reads the card isn't properly checking the... Moderate Unreviewed
CVE-2023-33221 was published Dec 15, 2023
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer... Moderate Unreviewed
CVE-2023-31031 was published Jan 12, 2024
A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper... Moderate Unreviewed
CVE-2024-21596 was published Jan 12, 2024
A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper... Moderate Unreviewed
CVE-2024-21594 was published Jan 12, 2024
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data... Moderate Unreviewed
CVE-2024-0684 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database