Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,130 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure... Moderate Unreviewed
CVE-2024-46726 was published Sep 18, 2024
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative... High Unreviewed
CVE-2023-45854 was published Sep 16, 2024
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code... High Unreviewed
CVE-2023-5869 was published Dec 10, 2023
In the Linux kernel, the following vulnerability has been resolved: cdrom: rearrange... Unknown Unreviewed
CVE-2024-42136 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty... Moderate Unreviewed
CVE-2024-42131 was published Jul 30, 2024
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow High
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
pgx SQL Injection via Protocol Message Size Overflow High
CVE-2024-27304 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
pgproto3 SQL Injection via Protocol Message Size Overflow High
GHSA-7jwh-3vrq-q3m8 was published for github.com/jackc/pgproto3 (Go) Mar 4, 2024
paul-gerste-sonarsource
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound... High Unreviewed
CVE-2024-34121 was published Sep 13, 2024
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number... Moderate Unreviewed
CVE-2012-5340 was published Apr 23, 2022
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex... High Unreviewed
CVE-2017-15587 was published May 14, 2022
Windows libarchive Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43495 was published Sep 10, 2024
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... Critical Unreviewed
CVE-2024-44087 was published Sep 10, 2024
The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and... High Unreviewed
CVE-2023-22436 was published Mar 10, 2023
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading... Critical Unreviewed
CVE-2024-45287 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in... Moderate Unreviewed
CVE-2024-43890 was published Aug 26, 2024
In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN ... Moderate Unreviewed
CVE-2024-44981 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP... Moderate Unreviewed
CVE-2024-38661 was published Jun 25, 2024
Memory corruption while calculating total metadata size when a very high reserved size is... High Unreviewed
CVE-2024-33035 was published Sep 2, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer... Low Unreviewed
CVE-2024-28044 was published Sep 2, 2024
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an... High Unreviewed
CVE-2024-45492 was published Aug 30, 2024
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer... High Unreviewed
CVE-2024-45491 was published Aug 30, 2024
Integer overflow in TFLite memory allocation High
CVE-2021-29605 was published for tensorflow (pip) May 21, 2021
Integer overflow in TFLite concatentation Moderate
CVE-2021-29601 was published for tensorflow (pip) May 21, 2021
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow... Low Unreviewed
CVE-2024-7867 was published Aug 15, 2024
ProTip! Advisories are also available from the GraphQL API