Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

468 advisories

Loading
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in... Critical Unreviewed
CVE-2023-41359 was published Aug 29, 2023
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15... Critical Unreviewed
CVE-2023-37285 was published Jul 28, 2023
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does... Critical Unreviewed
CVE-2023-38432 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in... Critical Unreviewed
CVE-2023-38426 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not... Critical Unreviewed
CVE-2023-38428 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd... Critical Unreviewed
CVE-2023-38431 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request... Critical Unreviewed
CVE-2023-38430 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an... Critical Unreviewed
CVE-2023-38427 was published Jul 18, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation... Critical Unreviewed
CVE-2023-29461 was published Jul 6, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation... Critical Unreviewed
CVE-2023-29460 was published Jul 6, 2023
An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause... Critical Unreviewed
CVE-2023-0645 was published Jul 6, 2023
Vulnerability of missing input length verification in the distributed file system. Successful... Critical Unreviewed
CVE-2023-37240 was published Jul 6, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their... Critical Unreviewed
CVE-2023-2989 was published Jun 22, 2023
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution... Critical Unreviewed
CVE-2023-21130 was published Jun 15, 2023
The facial recognition TA of some products has the out-of-bounds memory read vulnerability.... Critical Unreviewed
CVE-2022-48479 was published May 26, 2023
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that... Critical Unreviewed
CVE-2023-23301 was published May 23, 2023
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is... Critical Unreviewed
CVE-2023-2597 was published May 22, 2023
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation... Critical Unreviewed
CVE-2022-48312 was published Apr 16, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Critical Unreviewed
CVE-2022-23124 was published Mar 28, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Critical Unreviewed
CVE-2022-23123 was published Mar 28, 2023
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based... Critical Unreviewed
CVE-2023-26253 was published Feb 21, 2023
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Critical Unreviewed
CVE-2022-4337 was published Jan 11, 2023
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Critical Unreviewed
CVE-2022-4338 was published Jan 11, 2023
Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert... Critical Unreviewed
CVE-2022-28228 was published Dec 24, 2022
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF... Critical Unreviewed
CVE-2022-41649 was published Dec 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database