Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

235 advisories

Loading
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software... High Unreviewed
CVE-2024-20304 was published Sep 11, 2024
ic-cdk has a memory leak when calling a canister method via `ic_cdk::call` High
CVE-2024-7884 was published for ic_cdk (Rust) Sep 5, 2024
adamspofford-dfinity
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and... High Unreviewed
CVE-2024-44964 was published Sep 4, 2024
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. High Unreviewed
CVE-2024-27508 was published Feb 27, 2024
libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp. High Unreviewed
CVE-2024-27507 was published Feb 27, 2024
A memory leak issue discovered in parseSWF_FREECHARACTER in libming v0.4.8 allows attackers to... High Unreviewed
CVE-2024-24148 was published Feb 28, 2024
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The... High Unreviewed
CVE-2023-32247 was published Jul 24, 2023
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in... High Unreviewed
CVE-2021-28665 was published May 24, 2022
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of... High Unreviewed
CVE-2024-39550 was published Jul 11, 2024
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon ... High Unreviewed
CVE-2024-39549 was published Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak... High Unreviewed
CVE-2022-48855 was published Jul 16, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple... High Unreviewed
CVE-2023-41102 was published Nov 17, 2023
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. High Unreviewed
CVE-2022-43272 was published Dec 2, 2022
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all... High Unreviewed
CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for... High Unreviewed
CVE-2021-41687 was published Jun 29, 2022
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt... High Unreviewed
CVE-2023-26257 was published Feb 27, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions... High Unreviewed
CVE-2023-38380 was published Dec 12, 2023
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All... High Unreviewed
CVE-2022-38371 was published Oct 11, 2022
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server... High Unreviewed
CVE-2023-33086 was published Mar 4, 2024
Transient DOS while processing IE fragments from server during DTLS handshake. High Unreviewed
CVE-2023-33084 was published Mar 4, 2024
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. High Unreviewed
CVE-2023-21666 was published May 2, 2023
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic... High Unreviewed
CVE-2023-30637 was published Apr 14, 2023
ProTip! Advisories are also available from the GraphQL API