Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24 advisories

Loading
Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition... Moderate Unreviewed
CVE-2024-47438 was published Nov 12, 2024
In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead... Moderate Unreviewed
CVE-2024-20118 was published Nov 4, 2024
In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead... Moderate Unreviewed
CVE-2024-20119 was published Nov 4, 2024
Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition... High Unreviewed
CVE-2024-45142 was published Oct 9, 2024
Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards ... High Unreviewed
CVE-2024-36877 was published Aug 12, 2024
Return registers were overwritten which could have allowed an attacker to execute arbitrary code.... High Unreviewed
CVE-2024-2607 was published Mar 19, 2024
Substance3D - Painter versions 9.1.1 and earlier are affected by a Write-what-where Condition... High Unreviewed
CVE-2024-20741 was published Feb 15, 2024
A vulnerability has been identified in syngo fastView (All versions). The affected application... High Unreviewed
CVE-2021-45465 was published Jan 4, 2024
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition... Moderate Unreviewed
CVE-2021-36057 was published May 24, 2022
A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE... Critical Unreviewed
CVE-2022-38143 was published Dec 23, 2022
Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability,... High Unreviewed
CVE-2017-10994 was published May 17, 2022
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute... Critical Unreviewed
CVE-2015-8271 was published May 17, 2022
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to... High Unreviewed
CVE-2017-6282 was published May 14, 2022
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series... High Unreviewed
CVE-2018-15375 was published May 13, 2022
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series... High Unreviewed
CVE-2018-15376 was published May 13, 2022
Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that... High Unreviewed
CVE-2018-16962 was published May 13, 2022
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality... High Unreviewed
CVE-2018-3971 was published May 13, 2022
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which... Critical Unreviewed
CVE-2021-38441 was published May 6, 2022
A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all... High Unreviewed
CVE-2020-7560 was published May 24, 2022
Some API functions permit by-design writing or copying data into a given buffer. Since the client... Critical Unreviewed
CVE-2021-38449 was published May 24, 2022
The affected product is vulnerable to a unsanitized extract folder for system configuration. A... High Unreviewed
CVE-2021-42540 was published May 24, 2022
A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual... High Unreviewed
CVE-2021-1520 was published May 24, 2022
A vulnerability in one of the diagnostic test CLI commands of Cisco IOS XE Software could allow... High Unreviewed
CVE-2021-1390 was published May 24, 2022
An exploitable arbitrary write vulnerability exists in the open document format parser of the... High Unreviewed
CVE-2018-4038 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database