Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,886 advisories

Loading
Eclipse Parsson stack overflow when parsing deeply nested input Critical
CVE-2023-7272 was published for org.eclipse.parsson:parsson (Maven) Jul 17, 2024
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing... Critical Unreviewed
CVE-2018-9341 was published Nov 19, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9478 was published Nov 20, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9479 was published Nov 20, 2024
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a... Critical Unreviewed
CVE-2024-0039 was published Mar 11, 2024
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment... Critical Unreviewed
CVE-2022-48174 was published Aug 22, 2023
An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port... Critical Unreviewed
CVE-2024-52544 was published Dec 3, 2024
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in... Critical Unreviewed
CVE-2024-23265 was published Mar 8, 2024
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow... Critical Unreviewed
CVE-2022-23085 was published Feb 15, 2024
Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2023-52369 was published Feb 18, 2024
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer... Critical Unreviewed
CVE-2022-23086 was published Feb 15, 2024
In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the... Critical Unreviewed
CVE-2024-55884 was published Dec 12, 2024
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways... Critical Unreviewed
CVE-2020-25014 was published May 24, 2022
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS... Critical Unreviewed
CVE-2024-44242 was published Dec 12, 2024
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2,... Critical Unreviewed
CVE-2024-54534 was published Dec 12, 2024
In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write... Critical Unreviewed
CVE-2024-0031 was published Feb 16, 2024
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed
CVE-2018-9471 was published Nov 20, 2024
Product: AndroidVersions: Android SoCAndroid ID: A-278156680 Critical Unreviewed
CVE-2021-0945 was published Jun 15, 2023
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect... Critical Unreviewed
CVE-2018-9430 was published Dec 3, 2024
In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a possible outcof bounds write due... Critical Unreviewed
CVE-2024-47038 was published Dec 18, 2024
In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root... Critical Unreviewed
CVE-2018-9416 was published Dec 5, 2024
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC... Critical Unreviewed
CVE-2023-34048 was published Oct 25, 2023
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent... Critical Unreviewed
CVE-2017-8923 was published May 14, 2022
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote... Critical Unreviewed
CVE-2024-7024 was published Sep 24, 2024
Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c,... Critical Unreviewed
CVE-2022-28550 was published Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database