GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,362
Erlang: 33
GitHub Actions: 22
Go: 2,134
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,473
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
6,155 advisories
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux,...
Severity: High. Unreviewed. CVE-2017-5030 was published on Apr 30, 2022.

Windows Remote Access Connection Manager Information Disclosure Vulnerability
Severity: Moderate. Unreviewed. CVE-2024-30039 was published on May 14, 2024.

A path handling issue was addressed with improved validation. This issue is fixed in macOS...
Severity: Moderate. Unreviewed. CVE-2025-24115 was published on Jan 28, 2025.

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Severity: Critical. Unreviewed. CVE-2025-24093 was published on Jan 28, 2025.

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3...
Severity: Moderate. Unreviewed. CVE-2025-24092 was published on Jan 28, 2025.

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome...
Severity: High. Unreviewed. CVE-2016-1646 was published on May 14, 2022.

In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read...
Severity: Moderate. Unreviewed. CVE-2017-13317 was published on Jan 28, 2025.

In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to...
Severity: Moderate. Unreviewed. CVE-2017-13318 was published on Jan 28, 2025.

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840...
Severity: High. Unreviewed. CVE-2016-5198 was published on May 14, 2022.

This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A...
Severity: Moderate. Unreviewed. CVE-2023-27945 was published on May 8, 2023.

A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force...
Severity: High. Unreviewed. CVE-2024-7670 was published on Sep 30, 2024.

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component...
Severity: Moderate. Unreviewed. CVE-2023-29941 was published on May 5, 2023.

Denial of service in geth
Severity: Moderate. CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021.

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow...
Severity: Moderate. Unreviewed. CVE-2023-27892 was published on May 2, 2023.

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter...
Severity: Low. Unreviewed. CVE-2024-0173 was published on Mar 13, 2024.

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter...
Severity: Low. Unreviewed. CVE-2024-0154 was published on Mar 13, 2024.

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force...
Severity: High. Unreviewed. CVE-2024-8588 was published on Oct 30, 2024.

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force...
Severity: High. Unreviewed. CVE-2024-8589 was published on Oct 30, 2024.

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to...
Severity: Moderate. Unreviewed. CVE-2025-20640 was published on Feb 3, 2025.

A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force...
Severity: High. Unreviewed. CVE-2024-9827 was published on Oct 30, 2024.

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could...
Severity: High. Unreviewed. CVE-2024-20129 was published on Dec 2, 2024.

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to...
Severity: Moderate. Unreviewed. CVE-2025-20643 was published on Feb 3, 2025.

Browsershot Improper Input Validation vulnerability
Severity: Moderate. CVE-2024-21549 was published for spatie/browsershot (Composer) on Dec 20, 2024.

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote...
Severity: High. Unreviewed. CVE-2025-0612 was published on Jan 22, 2025.

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in...
Severity: High. Unreviewed. CVE-2024-38404 was published on Feb 3, 2025.
ProTip! Advisories are also available from the GraphQL API.