GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,154
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
652
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,397 advisories
Filter by severity
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can...
High
Unreviewed
CVE-2024-8599
was published
Oct 30, 2024
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a...
High
Unreviewed
CVE-2024-9489
was published
Oct 30, 2024
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force...
High
Unreviewed
CVE-2024-8597
was published
Oct 30, 2024
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force...
High
Unreviewed
CVE-2024-8600
was published
Oct 30, 2024
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can...
High
Unreviewed
CVE-2024-8598
was published
Oct 30, 2024
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
High
CVE-2018-10055
was published
for
tensorflow
(pip)
Apr 30, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
High
CVE-2018-8825
was published
for
tensorflow
(pip)
Apr 24, 2019
A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker...
High
Unreviewed
CVE-2024-0429
was published
Jan 11, 2024
EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID...
High
Unreviewed
CVE-2023-45230
was published
Jan 16, 2024
Py-EVM is vulnerable to arbitrary bytecode injection
High
CVE-2018-18920
was published
for
py-evm
(pip)
Nov 21, 2018
PyFriBidi Buffer overflow in the fribidi_utf8_to_unicode function
High
CVE-2012-1176
was published
for
pyfribidi
(pip)
May 17, 2022
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP...
High
Unreviewed
CVE-2009-2502
was published
May 2, 2022
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before...
High
Unreviewed
CVE-2016-5278
was published
May 14, 2022
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows...
High
Unreviewed
CVE-2016-2819
was published
May 14, 2022
A buffer overflow vulnerability while parsing "application/http-index-format" format content when...
High
Unreviewed
CVE-2017-5444
was published
May 14, 2022
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in...
High
Unreviewed
CVE-2010-0820
was published
May 2, 2022
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP...
High
Unreviewed
CVE-2011-1282
was published
May 13, 2022
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows...
High
Unreviewed
CVE-2012-1891
was published
May 13, 2022
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix DEVMAP_HASH...
High
Unreviewed
CVE-2024-26885
was published
Apr 17, 2024
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a...
High
Unreviewed
CVE-2024-21455
was published
Oct 7, 2024
Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to...
High
Unreviewed
CVE-2010-0037
was published
May 2, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
High
CVE-2016-6817
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer...
High
Unreviewed
CVE-2016-9428
was published
May 17, 2022
Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to...
High
Unreviewed
CVE-2010-0036
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API