GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,444
Erlang: 29
GitHub Actions: 16
Go: 1,668
Maven: 4,928
npm: 3,458
NuGet: 595
pip: 2,876
Pub: 10
RubyGems: 823
Rust: 766
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
234,617 advisories
An insecure deserialization vulnerability has been identified in ROS2 Humble Hawksbill in...
Severity: Unknown | Unreviewed | CVE-2024-29452 was published Apr 11, 2024

An OS command injection vulnerability has been discovered in ROS Kinetic Kame in ROS_VERSION 1...
Severity: Unknown | Unreviewed | CVE-2024-30729 was published Apr 10, 2024

An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and...
Severity: Unknown | Unreviewed | CVE-2024-29441 was published Apr 11, 2024

An issue was discovered in ROS2 Dashing Diademata in ROS_VERSION 2 and ROS_PYTHON_VERSION 3,...
Severity: Unknown | Unreviewed | CVE-2024-30710 was published Apr 10, 2024

An OS command injection vulnerability has been discovered in ROS2 (Robot Operating System 2)...
Severity: Unknown | Unreviewed | CVE-2024-29444 was published Apr 11, 2024

An issue was discovered in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3,...
Severity: Unknown | Unreviewed | CVE-2024-29449 was published Apr 11, 2024

A buffer overflow vulnerability has been discovered in the C++ components of ROS Kinetic Kame in...
Severity: Unknown | Unreviewed | CVE-2024-30733 was published Apr 10, 2024

An insecure deserialization vulnerability has been identified in ROS Kinetic Kame in ROS_VERSION...
Severity: Unknown | Unreviewed | CVE-2024-30736 was published Apr 10, 2024

An unauthorized node injection vulnerability has been identified in ROS2 Humble Hawksbill in...
Severity: Unknown | Unreviewed | CVE-2024-29439 was published Apr 11, 2024

Deserialization of untrusted data can occur in the R statistical programming language, on any...
Severity: High | Unreviewed | CVE-2024-27322 was published Apr 29, 2024

A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Humble...
Severity: Unknown | Unreviewed | CVE-2024-29443 was published Apr 11, 2024

An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and...
Severity: Unknown | Unreviewed | CVE-2024-29445 was published Apr 11, 2024

An issue was discovered in ROS2 Galactic Geochelone in version ROS_VERSION 2 and...
Severity: Unknown | Unreviewed | CVE-2024-30691 was published Apr 9, 2024

A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an...
Severity: Unknown | Unreviewed | CVE-2024-25394 was published Mar 27, 2024

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape...
Severity: Unknown | Unreviewed | CVE-2024-28085 was published Mar 27, 2024

A heap-based buffer over-read vulnerability was found in the X.org server's...
Severity: High | Unreviewed | CVE-2024-31082 was published Apr 4, 2024

Tempesta FW rate limits are not enabled by default. They are either set too large to capture...
Severity: Unknown | Unreviewed | CVE-2024-2758 was published Apr 3, 2024

A heap-based buffer over-read vulnerability was found in the X.org server's...
Severity: High | Unreviewed | CVE-2024-31081 was published Apr 4, 2024

A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers....
Severity: High | Unreviewed | CVE-2024-31083 was published Apr 5, 2024

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount...
Severity: High | Unreviewed | CVE-2024-27983 was published Apr 9, 2024

A buffer overflow vulnerability has been discovered in the C++ components of ROS2 Iron Irwini...
Severity: Unknown | Unreviewed | CVE-2024-30683 was published Apr 9, 2024

An insecure deserialization vulnerability has been identified in ROS2 Iron Irwini versions...
Severity: Unknown | Unreviewed | CVE-2024-30687 was published Apr 9, 2024

A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
Severity: Unknown | Unreviewed | CVE-2024-25393 was published Mar 27, 2024

setuid() does not affect libuv's internal io_uring operations if initialized before the call to...
Severity: High | Unreviewed | CVE-2024-22017 was published Mar 19, 2024

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker...
Severity: Unknown | Unreviewed | CVE-2024-28565 was published Mar 20, 2024
ProTip! Advisories are also available from the GraphQL API.