Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,784 advisories

Loading
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. High Unreviewed
CVE-2024-44375 was published Sep 9, 2024
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed
CVE-2024-32668 was published Sep 5, 2024
Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which... Critical Unreviewed
CVE-2024-42642 was published Sep 4, 2024
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by... Moderate Unreviewed
CVE-2024-8408 was published Sep 4, 2024
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers... High Unreviewed
CVE-2024-34660 was published Sep 4, 2024
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote... High Unreviewed
CVE-2024-34657 was published Sep 4, 2024
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to... High Unreviewed
CVE-2024-7970 was published Sep 4, 2024
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory... Critical Unreviewed
CVE-2024-8389 was published Sep 3, 2024
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were... Critical Unreviewed
CVE-2024-8384 was published Sep 3, 2024
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of... Critical Unreviewed
CVE-2024-8387 was published Sep 3, 2024
Memory corruption when Alternative Frequency offset value is set to 255. High Unreviewed
CVE-2024-33042 was published Sep 2, 2024
Memory corruption when BTFM client sends new messages over Slimbus to ADSP. High Unreviewed
CVE-2024-33045 was published Sep 2, 2024
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. High Unreviewed
CVE-2024-33038 was published Sep 2, 2024
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual... High Unreviewed
CVE-2024-33054 was published Sep 2, 2024
Memory corruption when user provides data for FM HCI command control operations. High Unreviewed
CVE-2024-33052 was published Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre... High Unreviewed
CVE-2024-39816 was published Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre... High Unreviewed
CVE-2024-38386 was published Sep 2, 2024
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2024-20086 was published Sep 2, 2024
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2024-20087 was published Sep 2, 2024
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an... Critical Unreviewed
CVE-2024-45508 was published Sep 2, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out... Moderate Unreviewed
CVE-2024-0110 was published Aug 31, 2024
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data,... High Unreviewed
CVE-2024-43700 was published Aug 29, 2024
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker... High Unreviewed
CVE-2024-8193 was published Aug 29, 2024
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service... High Unreviewed
CVE-2024-8250 was published Aug 29, 2024
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker... High Unreviewed
CVE-2024-8198 was published Aug 29, 2024
ProTip! Advisories are also available from the GraphQL API