Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

234,617 advisories

An insecure deserialization vulnerability has been identified in ROS2 Humble Hawksbill in... Unknown Unreviewed
CVE-2024-29452 was published Apr 11, 2024
An OS command injection vulnerability has been discovered in ROS Kinetic Kame in ROS_VERSION 1... Unknown Unreviewed
CVE-2024-30729 was published Apr 10, 2024
An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and... Unknown Unreviewed
CVE-2024-29441 was published Apr 11, 2024
An issue was discovered in ROS2 Dashing Diademata in ROS_VERSION 2 and ROS_PYTHON_VERSION 3,... Unknown Unreviewed
CVE-2024-30710 was published Apr 10, 2024
An OS command injection vulnerability has been discovered in ROS2 (Robot Operating System 2)... Unknown Unreviewed
CVE-2024-29444 was published Apr 11, 2024
An issue was discovered in ROS2 Humble Hawksbill in ROS_VERSION 2 and ROS_PYTHON_VERSION 3,... Unknown Unreviewed
CVE-2024-29449 was published Apr 11, 2024
A buffer overflow vulnerability has been discovered in the C++ components of ROS Kinetic Kame in... Unknown Unreviewed
CVE-2024-30733 was published Apr 10, 2024
An insecure deserialization vulnerability has been identified in ROS Kinetic Kame in ROS_VERSION... Unknown Unreviewed
CVE-2024-30736 was published Apr 10, 2024
An unauthorized node injection vulnerability has been identified in ROS2 Humble Hawksbill in... Unknown Unreviewed
CVE-2024-29439 was published Apr 11, 2024
Deserialization of untrusted data can occur in the R statistical programming language, on any... High Unreviewed
CVE-2024-27322 was published Apr 29, 2024
A shell injection vulnerability was discovered in ROS2 (Robot Operating System 2) Humble... Unknown Unreviewed
CVE-2024-29443 was published Apr 11, 2024
An issue was discovered in ROS2 (Robot Operating System 2) Humble Hawksbill in ROS_VERSION 2 and... Unknown Unreviewed
CVE-2024-29445 was published Apr 11, 2024
An issue was discovered in ROS2 Galactic Geochelone in version ROS_VERSION 2 and... Unknown Unreviewed
CVE-2024-30691 was published Apr 9, 2024
A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an... Unknown Unreviewed
CVE-2024-25394 was published Mar 27, 2024
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape... Unknown Unreviewed
CVE-2024-28085 was published Mar 27, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's... High Unreviewed
CVE-2024-31082 was published Apr 4, 2024
Tempesta FW rate limits are not enabled by default. They are either set too large to capture... Unknown Unreviewed
CVE-2024-2758 was published Apr 3, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's... High Unreviewed
CVE-2024-31081 was published Apr 4, 2024
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers.... High Unreviewed
CVE-2024-31083 was published Apr 5, 2024
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount... High Unreviewed
CVE-2024-27983 was published Apr 9, 2024
A buffer overflow vulnerability has been discovered in the C++ components of ROS2 Iron Irwini... Unknown Unreviewed
CVE-2024-30683 was published Apr 9, 2024
An insecure deserialization vulnerability has been identified in ROS2 Iron Irwini versions... Unknown Unreviewed
CVE-2024-30687 was published Apr 9, 2024
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. Unknown Unreviewed
CVE-2024-25393 was published Mar 27, 2024
setuid() does not affect libuv's internal io_uring operations if initialized before the call to... High Unreviewed
CVE-2024-22017 was published Mar 19, 2024
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker... Unknown Unreviewed
CVE-2024-28565 was published Mar 20, 2024
ProTip! Advisories are also available from the GraphQL API