GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,961
Composer 4,055
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,076
npm 3,605
NuGet 638
pip 3,208
Pub 10
RubyGems 852
Rust 816
Swift 35

Unreviewed advisories

All unreviewed 227,369

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

9,132 advisories

Filter by severity

Sort by

Least recently updated

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed

CVE-2024-32668 was published Sep 5, 2024

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by... Moderate Unreviewed

CVE-2024-8408 was published Sep 4, 2024

Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers... High Unreviewed

CVE-2024-34660 was published Sep 4, 2024

Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote... High Unreviewed

CVE-2024-34657 was published Sep 4, 2024

Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to... High Unreviewed

CVE-2024-7970 was published Sep 4, 2024

Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory... Critical Unreviewed

CVE-2024-8389 was published Sep 3, 2024

The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were... Critical Unreviewed

CVE-2024-8384 was published Sep 3, 2024

Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of... Critical Unreviewed

CVE-2024-8387 was published Sep 3, 2024

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. High Unreviewed

CVE-2024-33038 was published Sep 2, 2024

Memory corruption when Alternative Frequency offset value is set to 255. High Unreviewed

CVE-2024-33042 was published Sep 2, 2024

Memory corruption when BTFM client sends new messages over Slimbus to ADSP. High Unreviewed

CVE-2024-33045 was published Sep 2, 2024

Memory corruption when user provides data for FM HCI command control operations. High Unreviewed

CVE-2024-33052 was published Sep 2, 2024

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual... High Unreviewed

CVE-2024-33054 was published Sep 2, 2024

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre... High Unreviewed

CVE-2024-38386 was published Sep 2, 2024

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed

CVE-2024-20086 was published Sep 2, 2024

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed

CVE-2024-20087 was published Sep 2, 2024

in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre... High Unreviewed

CVE-2024-39816 was published Sep 2, 2024

HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an... Critical Unreviewed

CVE-2024-45508 was published Sep 2, 2024

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out... Moderate Unreviewed

CVE-2024-0110 was published Aug 31, 2024

opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High

GHSA-qr4w-53vh-m672 was published for opencv-python (pip) Aug 30, 2024

opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High

GHSA-cxjf-x6jp-p7mc was published for opencv-contrib-python (pip) Aug 30, 2024

opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High

GHSA-jh2j-j4j9-crg3 was published for opencv-python-headless (pip) Aug 30, 2024

opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High

GHSA-w2pj-9cgh-mq2c was published for opencv-contrib-python-headless (pip) Aug 30, 2024

xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data,... High Unreviewed

CVE-2024-43700 was published Aug 29, 2024

Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker... High Unreviewed

CVE-2024-8198 was published Aug 29, 2024

Previous 1 2 3 4 5 … 365 366 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

9,132 advisories