GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97 advisories
Filter by severity
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is...
Moderate
Unreviewed
CVE-2022-1244
was published
Apr 6, 2022
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is...
Moderate
Unreviewed
CVE-2020-27845
was published
May 24, 2022
There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker...
Moderate
Unreviewed
CVE-2020-27841
was published
May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),...
Moderate
Unreviewed
CVE-2020-7586
was published
May 24, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Moderate
Unreviewed
CVE-2022-0714
was published
Feb 23, 2022
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service...
Moderate
Unreviewed
CVE-2020-27829
was published
May 24, 2022
vim is vulnerable to Heap-based Buffer Overflow
Moderate
Unreviewed
CVE-2022-0158
was published
Jan 11, 2022
A heap-based buffer overflow flaw was found in the Fribidi package and affects the...
Moderate
Unreviewed
CVE-2022-25309
was published
Sep 7, 2022
A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability...
Moderate
Unreviewed
CVE-2023-1010
was published
Feb 24, 2023
A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected...
Moderate
Unreviewed
CVE-2023-1570
was published
Mar 22, 2023
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA...
Moderate
Unreviewed
CVE-2023-20081
was published
Mar 23, 2023
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5...
Moderate
Unreviewed
CVE-2022-1052
was published
Mar 25, 2022
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability...
Moderate
Unreviewed
CVE-2021-36056
was published
May 24, 2022
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
Moderate
Unreviewed
CVE-2023-4682
was published
Aug 31, 2023
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the...
Moderate
Unreviewed
CVE-2023-2241
was published
Apr 22, 2023
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
Moderate
Unreviewed
CVE-2023-3291
was published
Jun 16, 2023
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.
Moderate
Unreviewed
CVE-2023-5686
was published
Oct 20, 2023
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
Moderate
Unreviewed
CVE-2023-5344
was published
Oct 2, 2023
IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow,...
Moderate
Unreviewed
CVE-2023-28526
was published
Dec 9, 2023
IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused...
Moderate
Unreviewed
CVE-2023-28527
was published
Dec 9, 2023
When reading DesFire keys, the function that reads the card isn't properly checking the...
Moderate
Unreviewed
CVE-2023-33221
was published
Dec 15, 2023
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer...
Moderate
Unreviewed
CVE-2023-31031
was published
Jan 12, 2024
A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper...
Moderate
Unreviewed
CVE-2024-21596
was published
Jan 12, 2024
A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper...
Moderate
Unreviewed
CVE-2024-21594
was published
Jan 12, 2024
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data...
Moderate
Unreviewed
CVE-2024-0684
was published
Feb 6, 2024
ProTip!
Advisories are also available from the
GraphQL API