Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

222 advisories

Loading
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software... High Unreviewed
CVE-2024-20304 was published Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and... High Unreviewed
CVE-2024-44964 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak... High Unreviewed
CVE-2022-48855 was published Jul 16, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon ... High Unreviewed
CVE-2024-39549 was published Jul 11, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of... High Unreviewed
CVE-2024-39550 was published Jul 11, 2024
Transient DOS while processing IE fragments from server during DTLS handshake. High Unreviewed
CVE-2023-33084 was published Mar 4, 2024
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server... High Unreviewed
CVE-2023-33086 was published Mar 4, 2024
A memory leak issue discovered in parseSWF_FREECHARACTER in libming v0.4.8 allows attackers to... High Unreviewed
CVE-2024-24148 was published Feb 28, 2024
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. High Unreviewed
CVE-2024-27508 was published Feb 27, 2024
libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp. High Unreviewed
CVE-2024-27507 was published Feb 27, 2024
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. High Unreviewed
CVE-2023-33049 was published Feb 6, 2024
gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the... High Unreviewed
CVE-2024-24265 was published Feb 5, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the... High Unreviewed
CVE-2024-24258 was published Feb 5, 2024
mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the... High Unreviewed
CVE-2024-24259 was published Feb 5, 2024
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the... High Unreviewed
CVE-2024-24267 was published Feb 5, 2024
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in... High Unreviewed
CVE-2024-22563 was published Jan 19, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol... High Unreviewed
CVE-2024-21611 was published Jan 12, 2024
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version... High Unreviewed
CVE-2023-0248 was published Dec 14, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions... High Unreviewed
CVE-2023-38380 was published Dec 12, 2023
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes... High Unreviewed
CVE-2023-48090 was published Nov 20, 2023
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple... High Unreviewed
CVE-2023-41102 was published Nov 17, 2023
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks... High Unreviewed
CVE-2023-44192 was published Oct 13, 2023
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server... High Unreviewed
CVE-2023-40534 was published Oct 10, 2023
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will... High Unreviewed
CVE-2023-3592 was published Oct 2, 2023
In canvas rendering, a compromised content process could have caused a surface to change... High Unreviewed
CVE-2023-5170 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API