Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,567 advisories

Loading
In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read... High Unreviewed
CVE-2024-53834 was published Jan 3, 2025
In multiple locations, there is a possible way to avoid unbinding of a service from the system... High Unreviewed
CVE-2024-43762 was published Jan 3, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43097 was published Jan 3, 2025
WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass... High Unreviewed
CVE-2024-8811 was published Nov 22, 2024
In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43768 was published Jan 3, 2025
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass... High Unreviewed
CVE-2024-43764 was published Jan 3, 2025
In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to... High Unreviewed
CVE-2024-43077 was published Jan 3, 2025
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due... High Unreviewed
CVE-2024-43767 was published Jan 3, 2025
In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-47032 was published Jan 3, 2025
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed
CVE-2024-43769 was published Jan 3, 2025
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-53837 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out... High Unreviewed
CVE-2024-53838 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
EaseUS Todo Backup version 20220111.390 - An omission during installation may allow a local... High Unreviewed
CVE-2023-32221 was published Jun 12, 2023
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component... High Unreviewed
CVE-2024-35365 was published Jan 3, 2025
pbjson vulnerable to stack exhaustion High
CVE-2023-34616 was published for com.progsbase.libraries:JSON (Maven) Jun 14, 2023
JSONUtil vulnerable to stack exhaustion High
CVE-2023-34615 was published for net.pwall.json:jsonutil (Maven) Jun 14, 2023
SiYuan has an arbitrary file deletion vulnerability High
CVE-2025-21609 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 3, 2025
N0el4kLs
Karmada PULL Mode Cluster Privilege Escalation High
CVE-2024-56513 was published for github.com/karmada-io/karmada (Go) Jan 3, 2025
zhzhuang-zju RainbowMango
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database