Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

238 advisories

Loading
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple... High Unreviewed
CVE-2023-41102 was published Nov 17, 2023
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability High
CVE-2023-5954 was published for github.com/hashicorp/vault (Go) Nov 9, 2023
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks... High Unreviewed
CVE-2023-44192 was published Oct 13, 2023
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server... High Unreviewed
CVE-2023-40534 was published Oct 10, 2023
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will... High Unreviewed
CVE-2023-3592 was published Oct 2, 2023
In canvas rendering, a compromised content process could have caused a surface to change... High Unreviewed
CVE-2023-5170 was published Sep 27, 2023
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential... High Unreviewed
CVE-2023-5156 was published Sep 25, 2023
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a... High Unreviewed
CVE-2023-41484 was published Sep 20, 2023
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be... High Unreviewed
CVE-2023-28366 was published Sep 1, 2023
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4513 was published Aug 24, 2023
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial... High Unreviewed
CVE-2022-48541 was published Aug 22, 2023
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The... High Unreviewed
CVE-2023-32247 was published Jul 24, 2023
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual... High Unreviewed
CVE-2023-29163 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller... High Unreviewed
CVE-2022-3577 was published Jul 6, 2023
CometBFT may duplicate transactions in the mempool's data structures High
CVE-2023-34451 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
otrack
mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp High Unreviewed
CVE-2023-33718 was published May 31, 2023
Teeworlds v0.7.5 was discovered to contain memory leaks. High Unreviewed
CVE-2023-31517 was published May 23, 2023
An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the... High Unreviewed
CVE-2021-31240 was published May 9, 2023
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. High Unreviewed
CVE-2023-21666 was published May 2, 2023
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon... High Unreviewed
CVE-2023-28982 was published Apr 18, 2023
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic... High Unreviewed
CVE-2023-30637 was published Apr 14, 2023
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can... High Unreviewed
CVE-2023-24511 was published Apr 12, 2023
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt... High Unreviewed
CVE-2023-26257 was published Feb 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database