GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
21 advisories
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an...
Low
Unreviewed
CVE-2024-10917
was published
Nov 11, 2024
GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many...
Low
Unreviewed
CVE-2024-50610
was published
Oct 28, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer...
Low
Unreviewed
CVE-2024-28044
was published
Sep 2, 2024
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow...
Low
Unreviewed
CVE-2024-7867
was published
Aug 15, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through...
Low
Unreviewed
CVE-2024-3757
was published
May 7, 2024
An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to...
Low
Unreviewed
CVE-2024-31047
was published
Apr 9, 2024
During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the...
Low
Unreviewed
CVE-2024-1633
was published
Feb 19, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through ...
Low
Unreviewed
CVE-2024-21845
was published
Feb 2, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through ...
Low
Unreviewed
CVE-2024-21851
was published
Feb 2, 2024
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980,...
Low
Unreviewed
CVE-2023-40218
was published
Sep 12, 2023
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer...
Low
Unreviewed
CVE-2023-40353
was published
Sep 8, 2023
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via crafted value as the retry...
Low
Unreviewed
CVE-2020-19909
was published
Aug 22, 2023
In wlan driver, there is a possible missing bounds check, This could lead to local denial of...
Low
Unreviewed
CVE-2022-42767
was published
Dec 6, 2022
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5...
Low
Unreviewed
CVE-2021-20203
was published
May 24, 2022
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a...
Low
Unreviewed
CVE-2020-14310
was published
May 24, 2022
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A...
Low
Unreviewed
CVE-2020-14311
was published
May 24, 2022
In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer...
Low
Unreviewed
CVE-2020-0139
was published
May 24, 2022
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct...
Low
Unreviewed
CVE-2020-10726
was published
May 24, 2022
A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is...
Low
Unreviewed
CVE-2020-10724
was published
May 24, 2022
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3...
Low
Unreviewed
CVE-2018-13053
was published
May 14, 2022
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown...
Low
Unreviewed
CVE-2016-9085
was published
May 13, 2022