Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

87 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix... Moderate Unreviewed
CVE-2021-47373 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Correct... High Unreviewed
CVE-2024-26995 was published May 1, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by... High Unreviewed
CVE-2021-47046 was published Feb 28, 2024
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly... High Unreviewed
CVE-2024-51554 was published Dec 5, 2024
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue... High Unreviewed
CVE-2024-49880 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix... High Unreviewed
CVE-2024-49862 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by... High Unreviewed
CVE-2024-47686 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one... High Unreviewed
CVE-2024-47682 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by... High Unreviewed
CVE-2024-46852 was published Sep 27, 2024
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via ... High Unreviewed
CVE-2021-3156 was published May 24, 2022
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed
CVE-2024-32668 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order... High Unreviewed
CVE-2024-43852 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one... High Unreviewed
CVE-2022-48732 was published Jun 20, 2024
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote... High Unreviewed
CVE-2024-36136 was published Aug 14, 2024
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in... Moderate Unreviewed
CVE-2024-31585 was published Apr 17, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... High Unreviewed
CVE-2024-38440 was published Jun 16, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Critical Unreviewed
CVE-2024-38441 was published Jun 16, 2024
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off... Moderate Unreviewed
CVE-2024-23849 was published Jan 23, 2024
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one... High Unreviewed
CVE-2022-48672 was published May 3, 2024
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-44444 was published May 3, 2024
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when... Moderate Unreviewed
CVE-2024-1441 was published Mar 11, 2024
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a... High Unreviewed
CVE-2022-33064 was published Jul 18, 2023
In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off... Critical Unreviewed
CVE-2021-31875 was published May 24, 2022
In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could... Moderate Unreviewed
CVE-2010-5331 was published Apr 21, 2022
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to... Low Unreviewed
CVE-2004-0342 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database