Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

414 advisories

Loading
In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an... Moderate Unreviewed
CVE-2021-1047 was published Dec 16, 2021
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer... Moderate Unreviewed
CVE-2021-0919 was published Dec 16, 2021
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2021-0901 was published Dec 18, 2021
In ccu driver, there is a possible out of bounds read due to an integer overflow. This could lead... Moderate Unreviewed
CVE-2021-0677 was published Dec 18, 2021
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component. Moderate Unreviewed
CVE-2021-3398 was published Feb 11, 2022
In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead... Moderate Unreviewed
CVE-2022-20039 was published Feb 11, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. Moderate Unreviewed
CVE-2022-25315 was published Feb 19, 2022
An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in... Moderate Unreviewed
CVE-2021-3607 was published Feb 25, 2022
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this... Moderate Unreviewed
CVE-2021-22441 was published Feb 26, 2022
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to... Moderate Unreviewed
CVE-2021-45860 was published Mar 3, 2022
A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree... Moderate Unreviewed
CVE-2021-3428 was published Mar 5, 2022
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able... Moderate Unreviewed
CVE-2021-20303 was published Mar 5, 2022
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t <... Moderate Unreviewed
CVE-2021-3933 was published Mar 26, 2022
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow. Moderate Unreviewed
CVE-2022-27148 was published Apr 9, 2022
In preloader (usb), there is a possible out of bounds write due to an integer overflow. This... Moderate Unreviewed
CVE-2022-20069 was published Apr 12, 2022
stb_image.h v2.27 was discovered to contain an integer overflow via the function... Moderate Unreviewed
CVE-2022-28041 was published Apr 16, 2022
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. Moderate Unreviewed
CVE-2010-4653 was published Apr 21, 2022
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore:... Moderate Unreviewed
CVE-2011-1298 was published Apr 22, 2022
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number... Moderate Unreviewed
CVE-2012-5340 was published Apr 23, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function,... Moderate Unreviewed
CVE-2022-28197 was published Apr 28, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function,... Moderate Unreviewed
CVE-2022-28195 was published Apr 28, 2022
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong... Moderate Unreviewed
CVE-2004-0657 was published Apr 29, 2022
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2... Moderate Unreviewed
CVE-2004-0788 was published Apr 29, 2022
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms... Moderate Unreviewed
CVE-2005-1513 was published May 1, 2022
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted... Moderate Unreviewed
CVE-2006-4519 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API