GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+); Composer (4,279); Erlang (31); GitHub Actions (21); Go (2,056); Maven (5,000+); npm (3,740); NuGet (668); pip (3,421); Pub (12); RubyGems (891); Rust (873); Swift (36)
Unreviewed advisories: All unreviewed (5,000+)
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
50 advisories
Possible out of bound access of DCI resources due to lack of validation process and resource...
Moderate | Unreviewed | CVE-2021-30325 was published Feb 12, 2022

Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to...
Moderate | Unreviewed | CVE-2005-0369 was published May 1, 2022

Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2,...
Moderate | Unreviewed | CVE-2007-5756 was published May 1, 2022

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2...
Moderate | Unreviewed | CVE-2010-2806 was published May 13, 2022

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local...
Moderate | Unreviewed | CVE-2016-7170 was published May 13, 2022

In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to...
Moderate | Unreviewed | CVE-2018-16648 was published May 13, 2022

Exceeding the limit of usage entries are not tracked and the information will be lost causing the...
Moderate | Unreviewed | CVE-2018-11948 was published May 14, 2022

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in...
Moderate | Unreviewed | CVE-2019-1000016 was published May 14, 2022

Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the...
Moderate | Unreviewed | CVE-2015-8316 was published May 17, 2022

Multiple memory corruption issues were addressed with improved memory handling. This issue is...
Moderate | Unreviewed | CVE-2019-8587 was published May 24, 2022

Possible memory corruption in perfservice due to improper validation array length taken from user...
Moderate | Unreviewed | CVE-2020-3676 was published May 24, 2022

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has...
Moderate | Unreviewed | CVE-2020-20412 was published May 24, 2022

Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for...
Moderate | Unreviewed | CVE-2021-1117 was published May 24, 2022

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free...
Moderate | Unreviewed | CVE-2021-35121 was published Jun 15, 2022

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high...
Moderate | Unreviewed | CVE-2022-31603 was published Jul 5, 2022

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x...
Moderate | Unreviewed | CVE-2022-42011 was published Oct 10, 2022

If array shift operations are not used, the Garbage Collector may have become confused about...
Moderate | Unreviewed | CVE-2022-31745 was published Dec 22, 2022

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47348 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47342 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47345 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47344 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47347 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47346 was published Feb 12, 2023

In engineermode services, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-47343 was published Feb 12, 2023

In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate | Unreviewed | CVE-2023-20633 was published Mar 7, 2023
ProTip! Advisories are also available from the GraphQL API.