GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,130 advisories
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker...
Moderate
Unreviewed
CVE-2024-22396
was published
Mar 14, 2024
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to...
Moderate
Unreviewed
CVE-2024-20016
was published
Feb 5, 2024
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE...
High
Unreviewed
CVE-2021-41345
was published
May 24, 2022
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on...
High
Unreviewed
CVE-2015-8651
was published
May 17, 2022
Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater...
High
Unreviewed
CVE-2024-23372
was published
Jul 1, 2024
An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17...
High
Unreviewed
CVE-2024-27833
was published
Jun 10, 2024
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy...
High
Unreviewed
CVE-2020-14409
was published
May 24, 2022
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min...
Moderate
Unreviewed
CVE-2024-24857
was published
Feb 5, 2024
HTTP/2 HPACK integer overflow and buffer allocation
High
CVE-2023-36478
was published
for
org.eclipse.jetty.http2:http2-hpack
(Maven)
Oct 10, 2023
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on...
Moderate
Unreviewed
CVE-2019-8354
was published
May 13, 2022
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who...
Critical
Unreviewed
CVE-2023-6345
was published
Nov 29, 2023
There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc()...
Unknown
Unreviewed
CVE-2024-5197
was published
Jun 3, 2024
Integer overflow in BCrypt class in Spring Security
Moderate
CVE-2022-22976
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
Winlogon Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-30067
was published
Jun 11, 2024
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30072
was published
Jun 11, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-30064
was published
Jun 11, 2024
A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c...
Critical
Unreviewed
CVE-2023-47212
was published
May 1, 2024
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-4453
was published
May 22, 2024
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition...
Moderate
Unreviewed
CVE-2023-40548
was published
Jan 29, 2024
BoringSSLAEADContext in Netty Repeats Nonces
Moderate
CVE-2024-36121
was published
for
io.netty.incubator:netty-incubator-codec-ohttp
(Maven)
Jun 5, 2024
Memory corruption when more scan frequency list or channels are sent from the user space.
Moderate
Unreviewed
CVE-2023-43545
was published
Jun 3, 2024
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or...
High
Unreviewed
CVE-2023-6478
was published
Dec 13, 2023
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function...
High
Unreviewed
CVE-2023-43787
was published
Oct 10, 2023
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-30021
was published
May 14, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-29999
was published
May 14, 2024