Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

293 advisories

Loading
Buffer overflow in sponge queue functions Critical
CVE-2022-37454 was published for pysha3 (RubyGems) Apr 26, 2023
The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7... Critical Unreviewed
CVE-2023-23298 was published May 23, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). Critical Unreviewed
CVE-2023-33864 was published Jun 7, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). Critical Unreviewed
CVE-2023-33863 was published Jun 7, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer... Critical Unreviewed
CVE-2022-48332 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer... Critical Unreviewed
CVE-2022-48335 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len... Critical Unreviewed
CVE-2022-48333 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len... Critical Unreviewed
CVE-2022-48334 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len... Critical Unreviewed
CVE-2022-48331 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer... Critical Unreviewed
CVE-2022-48336 was published Jun 26, 2023
Libpeconv – integer overflow, before commit 75b1565 (30/11/2022). Critical Unreviewed
CVE-2023-23462 was published Jul 6, 2023
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS... Critical Unreviewed
CVE-2023-36495 was published Jul 28, 2023
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch... Critical Unreviewed
CVE-2023-35085 was published Aug 10, 2023
Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab,... Critical Unreviewed
CVE-2023-36326 was published Sep 1, 2023
Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e,... Critical Unreviewed
CVE-2023-36327 was published Sep 1, 2023
Integer Overflow vulnerability in mp_grow in libtom libtommath before commit... Critical Unreviewed
CVE-2023-36328 was published Sep 1, 2023
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to... Critical Unreviewed
CVE-2023-35681 was published Sep 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data... Critical Unreviewed
CVE-2023-35967 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of... Critical Unreviewed
CVE-2023-35965 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of... Critical Unreviewed
CVE-2023-35966 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data... Critical Unreviewed
CVE-2023-35968 was published Oct 11, 2023
pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependency Critical
CVE-2023-45853 was published for pyminizip (pip) Oct 14, 2023
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who... Critical Unreviewed
CVE-2023-6345 was published Nov 29, 2023
PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an... Critical Unreviewed
CVE-2023-44709 was published Dec 14, 2023
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3... Critical Unreviewed
CVE-2023-51714 was published Dec 24, 2023
ProTip! Advisories are also available from the GraphQL API