Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240 advisories

Loading
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be... High Unreviewed
CVE-2023-28366 was published Sep 1, 2023
gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the... High Unreviewed
CVE-2024-24267 was published Feb 5, 2024
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts(). High Unreviewed
CVE-2024-25450 was published Feb 9, 2024
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an... High Unreviewed
CVE-2025-29828 was published Jun 10, 2025
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker... High Unreviewed
CVE-2022-38178 was published Sep 22, 2022
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker... High Unreviewed
CVE-2022-38177 was published Sep 22, 2022
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to... High Unreviewed
CVE-2022-42311 was published Nov 1, 2022
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c omits a... High Unreviewed
CVE-2022-47941 was published Dec 23, 2022
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before... High Unreviewed
CVE-2016-6304 was published May 13, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... High Unreviewed
CVE-2016-4232 was published May 14, 2022
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding... High Unreviewed
CVE-2025-30647 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing... High Unreviewed
CVE-2025-30658 was published Apr 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2025-21595 was published Apr 9, 2025
In the Linux kernel, the following vulnerability has been resolved: power: supply: rk817: Fix... High Unreviewed
CVE-2023-52571 was published Mar 3, 2024
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All... High Unreviewed
CVE-2022-38371 was published Oct 11, 2022
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory,... High Unreviewed
CVE-2021-33645 was published Aug 11, 2022
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory,... High Unreviewed
CVE-2021-33646 was published Aug 11, 2022
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-8626 was published Oct 8, 2024
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will... High Unreviewed
CVE-2023-3592 was published Oct 2, 2023
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache... High Unreviewed
CVE-2024-56669 was published Dec 27, 2024
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in... High Unreviewed
CVE-2025-21091 was published Feb 5, 2025
When segmenting specially crafted text, segmentation would corrupt memory leading to a... High Unreviewed
CVE-2025-0241 was published Jan 7, 2025
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a... High Unreviewed
CVE-2024-3382 was published Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use... High Unreviewed
CVE-2024-26734 was published Apr 3, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix... High Unreviewed
CVE-2024-56775 was published Jan 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database