Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

62 advisories

Loading
netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A... Critical Unreviewed
CVE-2023-28753 was published May 19, 2023
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers... Critical Unreviewed
CVE-2023-0851 was published May 11, 2023
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office... Critical Unreviewed
CVE-2023-0854 was published May 11, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-2848 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-43634 was published Mar 29, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer... Critical Unreviewed
CVE-2023-23582 was published Jan 31, 2023
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in... Critical Unreviewed
CVE-2022-41639 was published Dec 23, 2022
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO... Critical Unreviewed
CVE-2022-41838 was published Dec 23, 2022
A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of... Critical Unreviewed
CVE-2022-41794 was published Dec 23, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. Critical Unreviewed
CVE-2022-3491 was published Dec 3, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Critical Unreviewed
CVE-2022-3520 was published Dec 2, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... Critical Unreviewed
CVE-2022-35712 was published Oct 15, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... Critical Unreviewed
CVE-2022-35711 was published Oct 15, 2022
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ... Critical Unreviewed
CVE-2022-34819 was published Jul 13, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-2207 was published Jun 28, 2022
libmysofa is vulnerable to Heap-based Buffer Overflow Critical Unreviewed
CVE-2021-3756 was published May 24, 2022
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which... Critical Unreviewed
CVE-2021-33023 was published May 24, 2022
Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06 Critical Unreviewed
CVE-2021-32959 was published May 24, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201... Critical Unreviewed
CVE-2021-25668 was published May 24, 2022
xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character... Critical Unreviewed
CVE-2020-1917 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-25226 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-15800 was published May 24, 2022
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This... Critical Unreviewed
CVE-2020-27251 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An... Critical Unreviewed
CVE-2019-18325 was published May 24, 2022
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Critical Unreviewed
CVE-2019-5482 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API