GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,953 advisories
Mozilla developers and community members reported memory safety bugs present in Firefox 68,...
Critical | Unreviewed | CVE-2019-11740 was published May 24, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and...
Critical | Unreviewed | CVE-2019-11709 was published May 24, 2022
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to...
Critical | Unreviewed | CVE-2019-9792 was published May 24, 2022
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without...
Critical | Unreviewed | CVE-2018-5159 was published May 14, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 65,...
Critical | Unreviewed | CVE-2019-9788 was published May 24, 2022
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics...
Critical | Unreviewed | CVE-2019-11693 was published May 24, 2022
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in...
Critical | Unreviewed | CVE-2018-5147 was published May 14, 2022
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow...
Critical | Unreviewed | CVE-2018-5002 was published May 13, 2022
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated...
Critical | Unreviewed | CVE-2025-9242 was published Sep 17, 2025
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in...
Critical | Unreviewed | CVE-2024-23265 was published Mar 8, 2024
An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The...
Critical | Unreviewed | CVE-2024-23305 was published Feb 20, 2024
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of...
Critical | Unreviewed | CVE-2023-35965 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data...
Critical | Unreviewed | CVE-2023-35967 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of...
Critical | Unreviewed | CVE-2023-35966 was published Oct 11, 2023
A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of...
Critical | Unreviewed | CVE-2023-34346 was published Oct 11, 2023
A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan...
Critical | Unreviewed | CVE-2023-31272 was published Oct 11, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-0194 was published Mar 28, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-23122 was published Mar 28, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-23125 was published Mar 28, 2023
SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable...
Critical | Unreviewed | CVE-2022-24030 was published Feb 10, 2022
SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable...
Critical | Unreviewed | CVE-2021-42554 was published Feb 10, 2022
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2...
Critical | Unreviewed | CVE-2021-45970 was published Feb 10, 2022
An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM...
Critical | Unreviewed | CVE-2022-24031 was published Feb 9, 2022
SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running...
Critical | Unreviewed | CVE-2021-43615 was published Feb 9, 2022
A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig...
Critical | Unreviewed | CVE-2024-21795 was published Feb 20, 2024
ProTip! Advisories are also available from the GraphQL API.