Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

427 advisories

Loading
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src... Moderate Unreviewed
CVE-2013-0899 was published May 14, 2022
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. Moderate Unreviewed
CVE-2022-27148 was published Apr 9, 2022
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This... Moderate Unreviewed
CVE-2022-20069 was published Apr 12, 2022
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore:... Moderate Unreviewed
CVE-2011-1298 was published Apr 22, 2022
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c ... Moderate Unreviewed
CVE-2022-29824 was published May 4, 2022
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in... Moderate Unreviewed
CVE-2015-1283 was published May 13, 2022
epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in... Moderate Unreviewed
CVE-2022-29358 was published May 26, 2022
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Moderate Unreviewed
CVE-2022-1926 was published Jun 1, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2022-21762 was published Jun 7, 2022
Denial of service in BOOT when partition size for a particular partition is requested due to... Moderate Unreviewed
CVE-2022-22078 was published Oct 19, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2022-21760 was published Jun 7, 2022
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able... Moderate Unreviewed
CVE-2021-20303 was published Mar 5, 2022
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if... Moderate Unreviewed
CVE-2022-28614 was published Jun 10, 2022
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <... Moderate Unreviewed
CVE-2021-3933 was published Mar 26, 2022
In apusys driver, there is a possible system crash due to an integer overflow. This could lead to... Moderate Unreviewed
CVE-2022-21761 was published Jun 7, 2022
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a... Moderate Unreviewed
CVE-2016-4489 was published May 17, 2022
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR... Moderate Unreviewed
CVE-2021-26260 was published May 24, 2022
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An... Moderate Unreviewed
CVE-2021-3476 was published May 24, 2022
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component... Moderate Unreviewed
CVE-2022-41550 was published Oct 12, 2022
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR... Moderate Unreviewed
CVE-2021-23215 was published May 24, 2022
There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted... Moderate Unreviewed
CVE-2021-3475 was published May 24, 2022
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2016-4490 was published May 17, 2022
In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer... Moderate Unreviewed
CVE-2022-20423 was published Oct 12, 2022
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote... Moderate Unreviewed
CVE-2017-8782 was published May 17, 2022
Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before... Moderate Unreviewed
CVE-2017-6355 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database