GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,156
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
110,999 advisories
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when...
Moderate, Unreviewed. CVE-2023-6693 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia camera crash...
Moderate, Unreviewed. CVE-2023-47857 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash...
Moderate, Unreviewed. CVE-2023-49142 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash...
Moderate, Unreviewed. CVE-2023-48360 was published Jan 2, 2024

in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash...
Moderate, Unreviewed. CVE-2023-49135 was published Jan 2, 2024

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due...
Moderate, Unreviewed. CVE-2023-26157 was published Jan 2, 2024

Memory corruption while receiving a message in Bus Socket Transport Server.
Moderate, Unreviewed. CVE-2023-33038 was published Jan 2, 2024

Memory corruption when IPv6 prefix timer object's lifetime expires which are created while Netmgr...
Moderate, Unreviewed. CVE-2023-28583 was published Jan 2, 2024

Follow Redirects improperly handles URLs in the url.parse() function
Moderate. CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024

In bluetooth service, there is a possible out of bounds write due to improper input validation....
Moderate, Unreviewed. CVE-2023-32891 was published Jan 2, 2024

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been rated as...
Moderate, Unreviewed. CVE-2024-0185 was published Jan 2, 2024

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32872 was published Jan 2, 2024

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This...
Moderate, Unreviewed. CVE-2023-32831 was published Jan 2, 2024

In battery, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32879 was published Jan 2, 2024

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This...
Moderate, Unreviewed. CVE-2023-32883 was published Jan 2, 2024

In battery, there is a possible memory corruption due to a missing bounds check. This could lead...
Moderate, Unreviewed. CVE-2023-32882 was published Jan 2, 2024

In battery, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32877 was published Jan 2, 2024

In battery, there is a possible information disclosure due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32880 was published Jan 2, 2024

In display drm, there is a possible memory corruption due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32885 was published Jan 2, 2024

In keyInstall, there is a possible information disclosure due to a missing bounds check. This...
Moderate, Unreviewed. CVE-2023-32876 was published Jan 2, 2024

In battery, there is a possible information disclosure due to an integer overflow. This could...
Moderate, Unreviewed. CVE-2023-32881 was published Jan 2, 2024

In netdagent, there is a possible information disclosure due to an incorrect bounds check. This...
Moderate, Unreviewed. CVE-2023-32884 was published Jan 2, 2024

In keyInstall, there is a possible information disclosure due to a missing bounds check. This...
Moderate, Unreviewed. CVE-2023-32875 was published Jan 2, 2024

In battery, there is a possible information disclosure due to a missing bounds check. This could...
Moderate, Unreviewed. CVE-2023-32878 was published Jan 2, 2024

The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its...
Moderate, Unreviewed. CVE-2023-6485 was published Jan 1, 2024
ProTip! Advisories are also available from the GraphQL API.