Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

110,999 advisories

Loading
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when... Moderate Unreviewed
CVE-2023-6693 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash... Moderate Unreviewed
CVE-2023-47857 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash... Moderate Unreviewed
CVE-2023-49142 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash... Moderate Unreviewed
CVE-2023-48360 was published Jan 2, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash... Moderate Unreviewed
CVE-2023-49135 was published Jan 2, 2024
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due... Moderate Unreviewed
CVE-2023-26157 was published Jan 2, 2024
Memory corruption while receiving a message in Bus Socket Transport Server. Moderate Unreviewed
CVE-2023-33038 was published Jan 2, 2024
Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr... Moderate Unreviewed
CVE-2023-28583 was published Jan 2, 2024
Follow Redirects improperly handles URLs in the url.parse() function Moderate
CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024
iainsproat
In bluetooth service, there is a possible out of bounds write due to improper input validation.... Moderate Unreviewed
CVE-2023-32891 was published Jan 2, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-0185 was published Jan 2, 2024
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32872 was published Jan 2, 2024
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This... Moderate Unreviewed
CVE-2023-32831 was published Jan 2, 2024
In battery, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32879 was published Jan 2, 2024
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This... Moderate Unreviewed
CVE-2023-32883 was published Jan 2, 2024
In battery, there is a possible memory corruption due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2023-32882 was published Jan 2, 2024
In battery, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32877 was published Jan 2, 2024
In battery, there is a possible information disclosure due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32880 was published Jan 2, 2024
In display drm, there is a possible memory corruption due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32885 was published Jan 2, 2024
In keyInstall, there is a possible information disclosure due to a missing bounds check. This... Moderate Unreviewed
CVE-2023-32876 was published Jan 2, 2024
In battery, there is a possible information disclosure due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-32881 was published Jan 2, 2024
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2023-32884 was published Jan 2, 2024
In keyInstall, there is a possible information disclosure due to a missing bounds check. This... Moderate Unreviewed
CVE-2023-32875 was published Jan 2, 2024
In battery, there is a possible information disclosure due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-32878 was published Jan 2, 2024
The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2023-6485 was published Jan 1, 2024
ProTip! Advisories are also available from the GraphQL API