Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

660 advisories

Loading
Dell Digital Delivery, versions prior to 5.0.86.0, contain a Buffer Overflow vulnerability. A... High Unreviewed
CVE-2024-0156 was published Mar 4, 2024
Windows Cryptographic Services Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30020 was published May 14, 2024
libarchive Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26256 was published Apr 9, 2024
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-40655 was published Sep 16, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-40660 was published Sep 16, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-40661 was published Sep 16, 2022
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-13050 was published Dec 30, 2024
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-13051 was published Dec 30, 2024
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote... High Unreviewed
CVE-2024-8905 was published Sep 17, 2024
Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to... High Unreviewed
CVE-2024-7018 was published Sep 24, 2024
GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock... High Unreviewed
CVE-2024-56737 was published Dec 29, 2024
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21330 was published Mar 12, 2024
Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker... High Unreviewed
CVE-2024-5493 was published May 31, 2024
Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11576 was published Nov 22, 2024
Luxion KeyShot ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11580 was published Nov 22, 2024
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to... High Unreviewed
CVE-2024-5160 was published May 22, 2024
Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote... High Unreviewed
CVE-2024-4559 was published May 7, 2024
IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-6816 was published Nov 22, 2024
IrfanView XCF Plugin XCF File Parsing Heap-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-11511 was published Nov 22, 2024
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer... High Unreviewed
CVE-2024-49545 was published Dec 10, 2024
Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2024-52995 was published Dec 10, 2024
Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2024-52996 was published Dec 10, 2024
Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2024-49552 was published Dec 10, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a... High Unreviewed
CVE-2024-12669 was published Dec 17, 2024
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a... High Unreviewed
CVE-2024-12670 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database