Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

427 advisories

Loading
In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an... Moderate Unreviewed
CVE-2021-1047 was published Dec 16, 2021
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer... Moderate Unreviewed
CVE-2021-0919 was published Dec 16, 2021
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2021-0901 was published Dec 18, 2021
In ccu driver, there is a possible out of bounds read due to an integer overflow. This could lead... Moderate Unreviewed
CVE-2021-0677 was published Dec 18, 2021
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component. Moderate Unreviewed
CVE-2021-3398 was published Feb 11, 2022
In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead... Moderate Unreviewed
CVE-2022-20039 was published Feb 11, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. Moderate Unreviewed
CVE-2022-25315 was published Feb 19, 2022
An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in... Moderate Unreviewed
CVE-2021-3607 was published Feb 25, 2022
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this... Moderate Unreviewed
CVE-2021-22441 was published Feb 26, 2022
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to... Moderate Unreviewed
CVE-2021-45860 was published Mar 3, 2022
A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree... Moderate Unreviewed
CVE-2021-3428 was published Mar 5, 2022
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able... Moderate Unreviewed
CVE-2021-20303 was published Mar 5, 2022
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <... Moderate Unreviewed
CVE-2021-3933 was published Mar 26, 2022
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. Moderate Unreviewed
CVE-2022-27148 was published Apr 9, 2022
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This... Moderate Unreviewed
CVE-2022-20069 was published Apr 12, 2022
stb_image.h v2.27 was discovered to contain an integer overflow via the function... Moderate Unreviewed
CVE-2022-28041 was published Apr 16, 2022
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. Moderate Unreviewed
CVE-2010-4653 was published Apr 21, 2022
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore:... Moderate Unreviewed
CVE-2011-1298 was published Apr 22, 2022
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number... Moderate Unreviewed
CVE-2012-5340 was published Apr 23, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function,... Moderate Unreviewed
CVE-2022-28197 was published Apr 28, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function,... Moderate Unreviewed
CVE-2022-28195 was published Apr 28, 2022
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong... Moderate Unreviewed
CVE-2004-0657 was published Apr 29, 2022
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2... Moderate Unreviewed
CVE-2004-0788 was published Apr 29, 2022
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms... Moderate Unreviewed
CVE-2005-1513 was published May 1, 2022
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted... Moderate Unreviewed
CVE-2006-4519 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database