GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
116 advisories
Filter by severity
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied)...
High
Unreviewed
CVE-2020-35511
was published
Aug 24, 2022
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol...
High
Unreviewed
CVE-2021-1373
was published
May 24, 2022
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.
High
Unreviewed
CVE-2023-0817
was published
Feb 14, 2023
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
High
Unreviewed
CVE-2022-1769
was published
May 18, 2022
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This...
High
Unreviewed
CVE-2022-1720
was published
Jun 21, 2022
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This...
High
Unreviewed
CVE-2022-1629
was published
May 11, 2022
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
High
Unreviewed
CVE-2022-2124
was published
Jun 20, 2022
Buffer Over-read in GitHub repository vim/vim prior to 9.0.0217.
High
Unreviewed
CVE-2022-2845
was published
Aug 18, 2022
Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.
High
Unreviewed
CVE-2022-3178
was published
Sep 13, 2022
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
High
Unreviewed
CVE-2022-2175
was published
Jun 24, 2022
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote...
High
Unreviewed
CVE-2024-20290
was published
Feb 7, 2024
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe)...
High
Unreviewed
CVE-2023-24513
was published
Apr 12, 2023
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3...
High
Unreviewed
CVE-2023-23571
was published
Jul 6, 2023
Windows USB Print Driver Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-26243
was published
Apr 9, 2024
Memory corruption while processing buffer initialization, when trusted report for certain report...
High
Unreviewed
CVE-2023-33115
was published
Apr 1, 2024
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol...
High
Unreviewed
CVE-2023-43539
was published
Mar 4, 2024
Information disclosure in modem due to buffer over-red while performing checksum of packet received
High
Unreviewed
CVE-2022-25738
was published
Feb 12, 2023
Information disclosure in modem due to buffer over-read while processing response from DNS server
High
Unreviewed
CVE-2022-25728
was published
Feb 12, 2023
Information disclosure in modem due to buffer over read in dns client due to missing length check
High
Unreviewed
CVE-2022-25732
was published
Feb 12, 2023
Information disclosure due to buffer over-read in Modem while using static array to process IPv4...
High
Unreviewed
CVE-2022-33229
was published
Feb 12, 2023
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
High
Unreviewed
CVE-2022-33271
was published
Feb 12, 2023
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
High
Unreviewed
CVE-2022-40512
was published
Feb 12, 2023
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size...
High
Unreviewed
CVE-2022-33309
was published
Mar 10, 2023
Information disclosure in modem due to improper check of IP type while processing DNS server query
High
Unreviewed
CVE-2022-25730
was published
Apr 13, 2023
Information disclosure due to buffer over-read while parsing DNS response packets in Modem.
High
Unreviewed
CVE-2022-33222
was published
Apr 13, 2023
ProTip!
Advisories are also available from the
GraphQL API