Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

457 advisories

Loading
In rpmb , there is a possible memory corruption due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2023-32823 was published Oct 2, 2023
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. Moderate Unreviewed
CVE-2023-4722 was published Sep 1, 2023
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg... Moderate Unreviewed
CVE-2021-28429 was published Aug 11, 2023
Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and... Moderate Unreviewed
CVE-2021-28025 was published Aug 11, 2023
.eth registrar controller can shorten the duration of registered names Moderate
CVE-2023-38698 was published for @ensdomains/ens-contracts (npm) Aug 1, 2023
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This... Moderate Unreviewed
CVE-2023-38560 was published Aug 1, 2023
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-20755 was published Jul 4, 2023
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-20756 was published Jul 4, 2023
snappy-java's Integer Overflow vulnerability in compress leads to DoS Moderate
CVE-2023-34454 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS Moderate
CVE-2023-34453 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of... Moderate Unreviewed
CVE-2023-34151 was published May 31, 2023
Buffer under-read in workerd Moderate
CVE-2023-2512 was published for workerd (npm) May 12, 2023
ubercomp
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a... Moderate Unreviewed
CVE-2023-22443 was published May 10, 2023
In soter service, there is a possible out of bounds write due to a missing bounds check. This... Moderate Unreviewed
CVE-2022-47489 was published May 9, 2023
This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed
CVE-2023-27354 was published Apr 21, 2023
A vulnerability within the Avira network protection feature allowed an attacker with local... Moderate Unreviewed
CVE-2023-1900 was published Apr 19, 2023
protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Moderate Unreviewed
CVE-2022-48468 was published Apr 13, 2023
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2023-20663 was published Apr 6, 2023
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2023-20662 was published Apr 6, 2023
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2023-20661 was published Apr 6, 2023
In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2023-20660 was published Apr 6, 2023
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2023-20682 was published Apr 6, 2023
TensorFlow vulnerable to segfault when opening multiframe gif Moderate
CVE-2023-25667 was published for tensorflow (pip) Mar 24, 2023
In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow.... Moderate Unreviewed
CVE-2023-21065 was published Mar 24, 2023
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf... Moderate Unreviewed
CVE-2023-24180 was published Mar 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database