GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,784 advisories
Filter by severity
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function.
High
Unreviewed
CVE-2024-44375
was published
Sep 9, 2024
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the...
High
Unreviewed
CVE-2024-32668
was published
Sep 5, 2024
Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which...
Critical
Unreviewed
CVE-2024-42642
was published
Sep 4, 2024
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by...
Moderate
Unreviewed
CVE-2024-8408
was published
Sep 4, 2024
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers...
High
Unreviewed
CVE-2024-34660
was published
Sep 4, 2024
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote...
High
Unreviewed
CVE-2024-34657
was published
Sep 4, 2024
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to...
High
Unreviewed
CVE-2024-7970
was published
Sep 4, 2024
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory...
Critical
Unreviewed
CVE-2024-8389
was published
Sep 3, 2024
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were...
Critical
Unreviewed
CVE-2024-8384
was published
Sep 3, 2024
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of...
Critical
Unreviewed
CVE-2024-8387
was published
Sep 3, 2024
Memory corruption when Alternative Frequency offset value is set to 255.
High
Unreviewed
CVE-2024-33042
was published
Sep 2, 2024
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
High
Unreviewed
CVE-2024-33045
was published
Sep 2, 2024
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
High
Unreviewed
CVE-2024-33038
was published
Sep 2, 2024
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual...
High
Unreviewed
CVE-2024-33054
was published
Sep 2, 2024
Memory corruption when user provides data for FM HCI command control operations.
High
Unreviewed
CVE-2024-33052
was published
Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre...
High
Unreviewed
CVE-2024-39816
was published
Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre...
High
Unreviewed
CVE-2024-38386
was published
Sep 2, 2024
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead...
High
Unreviewed
CVE-2024-20086
was published
Sep 2, 2024
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead...
High
Unreviewed
CVE-2024-20087
was published
Sep 2, 2024
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an...
Critical
Unreviewed
CVE-2024-45508
was published
Sep 2, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out...
Moderate
Unreviewed
CVE-2024-0110
was published
Aug 31, 2024
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data,...
High
Unreviewed
CVE-2024-43700
was published
Aug 29, 2024
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker...
High
Unreviewed
CVE-2024-8193
was published
Aug 29, 2024
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service...
High
Unreviewed
CVE-2024-8250
was published
Aug 29, 2024
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker...
High
Unreviewed
CVE-2024-8198
was published
Aug 29, 2024
ProTip!
Advisories are also available from the
GraphQL API