Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

86,754 advisories

Loading
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. High Unreviewed
CVE-2024-23373 was published Jul 1, 2024
Memory corruption while handling user packets during VBO bind operation. High Unreviewed
CVE-2024-23380 was published Jul 1, 2024
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater... High Unreviewed
CVE-2024-23372 was published Jul 1, 2024
Memory corruption when allocating and accessing an entry in an SMEM partition. High Unreviewed
CVE-2024-23368 was published Jul 1, 2024
Memory corruption while processing key blob passed by the user. High Unreviewed
CVE-2024-21465 was published Jul 1, 2024
Transient DOS while loading the TA ELF file. High Unreviewed
CVE-2024-21462 was published Jul 1, 2024
Memory corruption while performing finish HMAC operation when context is freed by keymaster. High Unreviewed
CVE-2024-21461 was published Jul 1, 2024
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in... High Unreviewed
CVE-2024-21460 was published Jul 1, 2024
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07... High Unreviewed
CVE-2024-4007 was published Jul 1, 2024
Memory corruption while processing IOCTL handler in FastRPC. High Unreviewed
CVE-2023-43554 was published Jul 1, 2024
By design, the DHCP protocol does not authenticate messages, including for example the classless... High Unreviewed
CVE-2024-3661 was published May 6, 2024
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow... High Unreviewed
CVE-2003-0693 was published Apr 29, 2022
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type... High Unreviewed
CVE-2024-3123 was published Jul 1, 2024
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with... High Unreviewed
CVE-2023-4727 was published Jun 11, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-2386 was published Jun 29, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th... High Unreviewed
CVE-2024-25943 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the... High Unreviewed
CVE-2021-41689 was published Jun 29, 2022
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. High Unreviewed
CVE-2022-43272 was published Dec 2, 2022
The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in... High Unreviewed
CVE-2024-5598 was published Jun 29, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5712 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but... High Unreviewed
CVE-2021-41688 was published Jun 29, 2022
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed
CVE-2024-28130 was published Apr 23, 2024
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all... High Unreviewed
CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for... High Unreviewed
CVE-2021-41687 was published Jun 29, 2022
ProTip! Advisories are also available from the GraphQL API