Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,362 advisories

Loading
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow... High Unreviewed
CVE-2023-24609 was published Dec 22, 2023
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC... High Unreviewed
CVE-2023-43826 was published Dec 19, 2023
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or... High Unreviewed
CVE-2023-6478 was published Dec 13, 2023
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code... High Unreviewed
CVE-2023-5869 was published Dec 10, 2023
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase... High Unreviewed
CVE-2023-48409 was published Dec 8, 2023
Transient DOS in Bluetooth Host while rfc slot allocation. High Unreviewed
CVE-2023-28588 was published Dec 5, 2023
Memory corruption in HLOS while invoking IOCTL calls from user-space. High Unreviewed
CVE-2023-33022 was published Dec 5, 2023
Memory corruption while using the UIM diag command to get the operators name. High Unreviewed
CVE-2023-33018 was published Dec 5, 2023
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. High Unreviewed
CVE-2023-33107 was published Dec 5, 2023
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the... High Unreviewed
CVE-2023-4398 was published Nov 28, 2023
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid... High Unreviewed
CVE-2021-27502 was published Nov 21, 2023
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on... High Unreviewed
CVE-2021-27504 was published Nov 21, 2023
Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values.... High Unreviewed
CVE-2021-27429 was published Nov 20, 2023
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a... High Unreviewed
CVE-2021-22636 was published Nov 20, 2023
A local non-privileged user can make improper GPU memory processing operations to gain access to... High Unreviewed
CVE-2023-4295 was published Nov 14, 2023
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to... High Unreviewed
CVE-2023-5849 was published Nov 1, 2023
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead... High Unreviewed
CVE-2023-21375 was published Oct 30, 2023
An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and... High Unreviewed
CVE-2023-42295 was published Oct 23, 2023
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded... High Unreviewed
CVE-2023-3487 was published Oct 20, 2023
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A... High Unreviewed
CVE-2023-38127 was published Oct 19, 2023
zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c,... High Unreviewed
CVE-2023-46228 was published Oct 19, 2023
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out... High Unreviewed
CVE-2023-37536 was published Oct 11, 2023
HTTP/2 HPACK integer overflow and buffer allocation High
CVE-2023-36478 was published for org.eclipse.jetty.http2:http2-hpack (Maven) Oct 10, 2023
samalws-tob kaoudis
smichaels-tob joakime
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function... High Unreviewed
CVE-2023-43787 was published Oct 10, 2023
In a non-standard configuration of Firefox, an integer overflow could have occurred based on... High Unreviewed
CVE-2023-5173 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API