Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20 advisories

Loading
GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many... Low Unreviewed
CVE-2024-50610 was published Oct 28, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer... Low Unreviewed
CVE-2024-28044 was published Sep 2, 2024
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow... Low Unreviewed
CVE-2024-7867 was published Aug 15, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through... Low Unreviewed
CVE-2024-3757 was published May 7, 2024
An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to... Low Unreviewed
CVE-2024-31047 was published Apr 9, 2024
During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the... Low Unreviewed
CVE-2024-1633 was published Feb 19, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through ... Low Unreviewed
CVE-2024-21845 was published Feb 2, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through ... Low Unreviewed
CVE-2024-21851 was published Feb 2, 2024
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980,... Low Unreviewed
CVE-2023-40218 was published Sep 12, 2023
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer... Low Unreviewed
CVE-2023-40353 was published Sep 8, 2023
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via crafted value as the retry... Low Unreviewed
CVE-2020-19909 was published Aug 22, 2023
In wlan driver, there is a possible missing bounds check, This could lead to local denial of... Low Unreviewed
CVE-2022-42767 was published Dec 6, 2022
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5... Low Unreviewed
CVE-2021-20203 was published May 24, 2022
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A... Low Unreviewed
CVE-2020-14311 was published May 24, 2022
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a... Low Unreviewed
CVE-2020-14310 was published May 24, 2022
In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer... Low Unreviewed
CVE-2020-0139 was published May 24, 2022
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct... Low Unreviewed
CVE-2020-10726 was published May 24, 2022
A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is... Low Unreviewed
CVE-2020-10724 was published May 24, 2022
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3... Low Unreviewed
CVE-2018-13053 was published May 14, 2022
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown... Low Unreviewed
CVE-2016-9085 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database