Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,163 advisories

Loading
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow... Moderate Unreviewed
CVE-2023-27892 was published May 2, 2023
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component... Moderate Unreviewed
CVE-2023-29941 was published May 5, 2023
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force... High Unreviewed
CVE-2024-7670 was published Sep 30, 2024
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A... Moderate Unreviewed
CVE-2023-27945 was published May 8, 2023
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840... High Unreviewed
CVE-2016-5198 was published May 14, 2022
In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read... Moderate Unreviewed
CVE-2017-13317 was published Jan 28, 2025
In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2017-13318 was published Jan 28, 2025
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome... High Unreviewed
CVE-2016-1646 was published May 14, 2022
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3... Moderate Unreviewed
CVE-2025-24092 was published Jan 28, 2025
A path handling issue was addressed with improved validation. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24115 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24093 was published Jan 28, 2025
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30039 was published May 14, 2024
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux,... High Unreviewed
CVE-2017-5030 was published Apr 30, 2022
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Moderate Unreviewed
CVE-2024-54478 was published Jan 28, 2025
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2,... Moderate Unreviewed
CVE-2024-54518 was published Jan 28, 2025
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-54507 was published Jan 28, 2025
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker... Low Unreviewed
CVE-2024-0149 was published Jan 28, 2025
Information disclosure in Video while parsing mp2 clip with invalid section length. High Unreviewed
CVE-2023-43555 was published Jun 3, 2024
Information disclosure while handling T2LM Action Frame in WLAN Host. Moderate Unreviewed
CVE-2023-43537 was published Jun 3, 2024
The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit... High Unreviewed
CVE-2024-24417 was published Jan 22, 2025
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-20719 was published May 16, 2023
An unauthenticated remote attacker can read memory out of bounds due to improper input validation... Moderate Unreviewed
CVE-2024-26000 was published Mar 12, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Low Unreviewed
CVE-2025-21546 was published Jan 21, 2025
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might... Moderate Unreviewed
CVE-2024-7347 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database