Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

43 advisories

Loading
Possible out of bound access of DCI resources due to lack of validation process and resource... Moderate Unreviewed
CVE-2021-30325 was published Feb 12, 2022
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to... Moderate Unreviewed
CVE-2005-0369 was published May 1, 2022
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2,... Moderate Unreviewed
CVE-2007-5756 was published May 1, 2022
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2... Moderate Unreviewed
CVE-2010-2806 was published May 13, 2022
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-7170 was published May 13, 2022
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to... Moderate Unreviewed
CVE-2018-16648 was published May 13, 2022
Exceeding the limit of usage entries are not tracked and the information will be lost causing the... Moderate Unreviewed
CVE-2018-11948 was published May 14, 2022
FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in... Moderate Unreviewed
CVE-2019-1000016 was published May 14, 2022
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the... Moderate Unreviewed
CVE-2015-8316 was published May 17, 2022
Multiple memory corruption issues were addressed with improved memory handling. This issue is... Moderate Unreviewed
CVE-2019-8587 was published May 24, 2022
Possible memory corruption in perfservice due to improper validation array length taken from user... Moderate Unreviewed
CVE-2020-3676 was published May 24, 2022
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has... Moderate Unreviewed
CVE-2020-20412 was published May 24, 2022
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for... Moderate Unreviewed
CVE-2021-1117 was published May 24, 2022
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free... Moderate Unreviewed
CVE-2021-35121 was published Jun 15, 2022
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high... Moderate Unreviewed
CVE-2022-31603 was published Jul 5, 2022
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x... Moderate Unreviewed
CVE-2022-42011 was published Oct 10, 2022
If array shift operations are not used, the Garbage Collector may have become confused about... Moderate Unreviewed
CVE-2022-31745 was published Dec 22, 2022
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47348 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47342 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47346 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47344 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47343 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47345 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47347 was published Feb 12, 2023
In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2023-20633 was published Mar 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database