Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

687 advisories

Loading
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-37334 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21335 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-20701 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21317 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21414 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21373 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21398 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21331 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21333 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21449 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21425 was published Jul 9, 2024
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21415 was published Jul 9, 2024
A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array... High Unreviewed
CVE-2024-21778 was published Jul 8, 2024
The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where... Moderate Unreviewed
CVE-2024-6383 was published Jul 4, 2024
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer... High Unreviewed
CVE-2023-52168 was published Jul 3, 2024
FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column. High Unreviewed
CVE-2024-32229 was published Jul 1, 2024
Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of... Moderate Unreviewed
CVE-2024-39133 was published Jun 27, 2024
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application... Moderate Unreviewed
CVE-2024-38949 was published Jun 26, 2024
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application... Moderate Unreviewed
CVE-2024-38950 was published Jun 26, 2024
A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications,... Moderate Unreviewed
CVE-2024-23154 was published Jun 25, 2024
A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk... Unknown Unreviewed
CVE-2024-23155 was published Jun 25, 2024
[A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can... High Unreviewed
CVE-2024-37001 was published Jun 25, 2024
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-6154 was published Jun 20, 2024
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote... Moderate Unreviewed
CVE-2024-29013 was published Jun 20, 2024
Elasticsearch StackOverflow vulnerability Moderate
CVE-2024-37280 was published for org.elasticsearch:elasticsearch (Maven) Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API