Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

263,701 advisories

Loading
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. High Unreviewed
CVE-2023-34188 was published Jun 23, 2023
Memory corruption while processing API calls to NPU with invalid input. High Unreviewed
CVE-2024-43052 was published Dec 2, 2024
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater... High Unreviewed
CVE-2024-33063 was published Dec 2, 2024
Memory corruption while parsing sensor packets in camera driver, user-space variable is used... Moderate Unreviewed
CVE-2024-33036 was published Dec 2, 2024
Memory corruption while Configuring the SMR/S2CR register in Bypass mode. High Unreviewed
CVE-2024-33044 was published Dec 2, 2024
Memory corruption while invoking redundant release command to release one buffer from user space... Moderate Unreviewed
CVE-2024-33040 was published Dec 2, 2024
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver... Moderate Unreviewed
CVE-2024-33037 was published Dec 2, 2024
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and... Moderate Unreviewed
CVE-2024-33039 was published Dec 2, 2024
Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Moderate Unreviewed
CVE-2024-33053 was published Dec 2, 2024
In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use... Unknown Unreviewed
CVE-2024-42129 was published Jul 30, 2024
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server... High Unreviewed
CVE-2024-10490 was published Dec 2, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix... High Unreviewed
CVE-2024-50221 was published Nov 9, 2024
In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference... Unknown Unreviewed
CVE-2024-42322 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check... High Unreviewed
CVE-2024-50242 was published Nov 9, 2024
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend... Unknown Unreviewed
CVE-2024-36244 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr... Moderate Unreviewed
CVE-2024-36478 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of... Unknown Unreviewed
CVE-2024-26954 was published May 1, 2024
In the Linux kernel, the following vulnerability has been resolved: net: fec: remove ... Moderate Unreviewed
CVE-2024-38553 was published Jun 19, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not... Unknown Unreviewed
CVE-2024-35964 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of... High Unreviewed
CVE-2024-26952 was published May 1, 2024
In Telephony, there is a possible out of bounds read due to a missing bounds check. This could... Unknown Unreviewed
CVE-2024-20129 was published Dec 2, 2024
A security vulnerability in HPE IceWall products could be exploited remotely to cause... Low Unreviewed
CVE-2024-11856 was published Dec 2, 2024
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2024-43702 was published Nov 30, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Maeve Lander PayPal Responder allows Stored... High Unreviewed
CVE-2024-53750 was published Dec 2, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53752 was published Dec 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database