GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
125 advisories
Filter by severity
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds...
Moderate
Unreviewed
CVE-2023-20508
was published
Feb 12, 2025
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks,...
Low
Unreviewed
CVE-2023-20581
was published
Feb 12, 2025
Improper handling of invalid nested page table entries in the IOMMU may allow a privileged...
Moderate
Unreviewed
CVE-2023-20582
was published
Feb 12, 2025
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to...
Moderate
Unreviewed
CVE-2023-20515
was published
Feb 12, 2025
Improper access control in the DRTM firmware could allow a privileged attacker to perform...
Low
Unreviewed
CVE-2023-31331
was published
Feb 12, 2025
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7...
Low
Unreviewed
CVE-2025-24100
was published
Jan 28, 2025
An issue in the 690b33e1-0462-4e84-9bea-c7552b45432a.sys component of Asus GPU Tweak II Program...
High
Unreviewed
CVE-2024-55410
was published
Jan 7, 2025
An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers...
High
Unreviewed
CVE-2024-55407
was published
Jan 6, 2025
In Modem, there is a possible system crash due to improper input validation. This could lead to...
High
Unreviewed
CVE-2024-20149
was published
Jan 6, 2025
In the Linux kernel, the following vulnerability has been resolved:
netdevsim: prevent bad user...
Moderate
Unreviewed
CVE-2024-56716
was published
Dec 29, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1610
was published
Dec 18, 2024
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or...
Moderate
Unreviewed
CVE-2024-52901
was published
Dec 12, 2024
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280,...
High
Unreviewed
CVE-2024-39343
was published
Dec 2, 2024
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote...
Moderate
Unreviewed
CVE-2024-9369
was published
Nov 27, 2024
Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet...
High
Unreviewed
CVE-2024-47257
was published
Nov 26, 2024
A memory corruption vulnerability exists in the affected products when parsing DFT files. Local...
High
Unreviewed
CVE-2024-6068
was published
Nov 14, 2024
An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows...
Moderate
Unreviewed
CVE-2024-48290
was published
Nov 7, 2024
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric CNC...
Moderate
Unreviewed
CVE-2024-7316
was published
Oct 18, 2024
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling...
Moderate
Unreviewed
CVE-2024-8508
was published
Oct 3, 2024
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS)...
Critical
Unreviewed
CVE-2024-8887
was published
Sep 18, 2024
The Eaton Foreseer software provides multiple customizable input fields for the users to...
Moderate
Unreviewed
CVE-2024-31416
was published
Sep 13, 2024
A vulnerability classified as problematic was found in SourceCodester Food Ordering Management...
Moderate
Unreviewed
CVE-2024-8558
was published
Sep 7, 2024
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by...
High
Unreviewed
CVE-2024-42416
was published
Sep 5, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a...
Moderate
Unreviewed
CVE-2024-0111
was published
Aug 31, 2024
Improper input validation in Power Management Firmware (PMFW) may allow an attacker with...
Moderate
Unreviewed
CVE-2023-31310
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API