GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
468 advisories
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in...
Critical | Unreviewed | CVE-2023-41359 was published Aug 29, 2023
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15...
Critical | Unreviewed | CVE-2023-37285 was published Jul 28, 2023
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does...
Critical | Unreviewed | CVE-2023-38432 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in...
Critical | Unreviewed | CVE-2023-38426 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not...
Critical | Unreviewed | CVE-2023-38428 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd...
Critical | Unreviewed | CVE-2023-38431 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request...
Critical | Unreviewed | CVE-2023-38430 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an...
Critical | Unreviewed | CVE-2023-38427 was published Jul 18, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical | Unreviewed | CVE-2023-29460 was published Jul 6, 2023
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation...
Critical | Unreviewed | CVE-2023-29461 was published Jul 6, 2023
An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause...
Critical | Unreviewed | CVE-2023-0645 was published Jul 6, 2023
Vulnerability of missing input length verification in the distributed file system. Successful...
Critical | Unreviewed | CVE-2023-37240 was published Jul 6, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their...
Critical | Unreviewed | CVE-2023-2989 was published Jun 22, 2023
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution...
Critical | Unreviewed | CVE-2023-21130 was published Jun 15, 2023
The facial recognition TA of some products has the out-of-bounds memory read vulnerability....
Critical | Unreviewed | CVE-2022-48479 was published May 26, 2023
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that...
Critical | Unreviewed | CVE-2023-23301 was published May 23, 2023
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is...
Critical | Unreviewed | CVE-2023-2597 was published May 22, 2023
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation...
Critical | Unreviewed | CVE-2022-48312 was published Apr 16, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected...
Critical | Unreviewed | CVE-2022-23124 was published Mar 28, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected...
Critical | Unreviewed | CVE-2022-23123 was published Mar 28, 2023
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based...
Critical | Unreviewed | CVE-2023-26253 was published Feb 21, 2023
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Critical | Unreviewed | CVE-2022-4337 was published Jan 11, 2023
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Critical | Unreviewed | CVE-2022-4338 was published Jan 11, 2023
Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert...
Critical | Unreviewed | CVE-2022-28228 was published Dec 24, 2022
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF...
Critical | Unreviewed | CVE-2022-41649 was published Dec 23, 2022