Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer... Moderate Unreviewed
CVE-2024-6381 was published Jul 2, 2024
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger... Critical Unreviewed
CVE-2024-33078 was published May 1, 2024
Pillow buffer overflow vulnerability Moderate
CVE-2024-28219 was published for pillow (pip) Apr 3, 2024
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. High Unreviewed
CVE-2024-21454 was published Apr 1, 2024
Memory corruption while allocating memory for graphics. High Unreviewed
CVE-2024-21470 was published Apr 1, 2024
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()... Unknown Unreviewed
CVE-2024-2608 was published Mar 19, 2024
An issue in Wireshark team Wireshark before v.4.2.0 allows a remote attacker to cause a denial of... High Unreviewed
CVE-2024-24478 was published Feb 21, 2024
Memory corruption while loading an ELF segment in TEE Kernel. High Unreviewed
CVE-2023-28585 was published Dec 5, 2023
Memory corruption in HLOS while invoking IOCTL calls from user-space. High Unreviewed
CVE-2023-33022 was published Dec 5, 2023
Memory corruption while using the UIM diag command to get the operators name. High Unreviewed
CVE-2023-33018 was published Dec 5, 2023
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an... Moderate Unreviewed
CVE-2023-22305 was published Nov 14, 2023
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out... High Unreviewed
CVE-2023-37536 was published Oct 11, 2023
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c.... Moderate Unreviewed
CVE-2023-41175 was published Oct 5, 2023
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. High Unreviewed
CVE-2023-21644 was published Sep 5, 2023
Memory corruption in RIL while trying to send apdu packet. High Unreviewed
CVE-2023-21648 was published Aug 8, 2023
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a... Moderate Unreviewed
CVE-2023-22443 was published May 10, 2023
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during... High Unreviewed
CVE-2022-33282 was published Apr 13, 2023
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic... High Unreviewed
CVE-2022-33296 was published Apr 13, 2023
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response High Unreviewed
CVE-2022-25705 was published Mar 10, 2023
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during... High Unreviewed
CVE-2022-40530 was published Mar 10, 2023
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a... High Unreviewed
CVE-2022-33248 was published Feb 12, 2023
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A... High Unreviewed
CVE-2022-29886 was published Aug 6, 2022
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A... High Unreviewed
CVE-2022-32543 was published Aug 6, 2022
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding... High Unreviewed
CVE-2021-21852 was published May 24, 2022
A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon... Critical Unreviewed
CVE-2021-21832 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API