GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
High
Unreviewed
CVE-2024-23373 was published Jul 1, 2024
Memory corruption while handling user packets during VBO bind operation.
High
Unreviewed
CVE-2024-23380 was published Jul 1, 2024
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater...
High
Unreviewed
CVE-2024-23372 was published Jul 1, 2024
Memory corruption when allocating and accessing an entry in an SMEM partition.
High
Unreviewed
CVE-2024-23368 was published Jul 1, 2024
Memory corruption while processing key blob passed by the user.
High
Unreviewed
CVE-2024-21465 was published Jul 1, 2024
Transient DOS while loading the TA ELF file.
High
Unreviewed
CVE-2024-21462 was published Jul 1, 2024
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
High
Unreviewed
CVE-2024-21461 was published Jul 1, 2024
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in...
High
Unreviewed
CVE-2024-21460 was published Jul 1, 2024
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07...
High
Unreviewed
CVE-2024-4007 was published Jul 1, 2024
Memory corruption while processing IOCTL handler in FastRPC.
High
Unreviewed
CVE-2023-43554 was published Jul 1, 2024
By design, the DHCP protocol does not authenticate messages, including for example the classless...
High
Unreviewed
CVE-2024-3661 was published May 6, 2024
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow...
High
Unreviewed
CVE-2003-0693 was published Apr 29, 2022
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type...
High
Unreviewed
CVE-2024-3123 was published Jul 1, 2024
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with...
High
Unreviewed
CVE-2023-4727 was published Jun 11, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
High
Unreviewed
CVE-2024-28798 was published Jun 30, 2024
The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL...
High
Unreviewed
CVE-2024-2386 was published Jun 29, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th...
High
Unreviewed
CVE-2024-25943 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the...
High
Unreviewed
CVE-2021-41689 was published Jun 29, 2022
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
High
Unreviewed
CVE-2022-43272 was published Dec 2, 2022
The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in...
High
Unreviewed
CVE-2024-5598 was published Jun 29, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika
High
Unreviewed
CVE-2024-5712 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but...
High
Unreviewed
CVE-2021-41688 was published Jun 29, 2022
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage...
High
Unreviewed
CVE-2024-28130 was published Apr 23, 2024
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all...
High
Unreviewed
CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for...
High
Unreviewed
CVE-2021-41687 was published Jun 29, 2022
ProTip! Advisories are also available from the GraphQL API.