Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,362 advisories

Loading
A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of... High Unreviewed
CVE-2021-21914 was published Apr 15, 2022
A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic... High Unreviewed
CVE-2021-21948 was published Apr 15, 2022
An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A... High Unreviewed
CVE-2022-21154 was published Apr 15, 2022
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to... High Unreviewed
CVE-2022-20075 was published Apr 12, 2022
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds... High Unreviewed
CVE-2022-27833 was published Apr 12, 2022
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to... High Unreviewed
CVE-2022-0608 was published Apr 6, 2022
In libstagefright, there is a possible out of bounds write due to an integer overflow. This could... High Unreviewed
CVE-2021-39759 was published Mar 31, 2022
An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a... High Unreviewed
CVE-2022-0998 was published Mar 31, 2022
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this... High Unreviewed
CVE-2022-21821 was published Mar 30, 2022
Integer Overflow or Wraparound in Microweber High
CVE-2022-1036 was published for microweber/microweber (Composer) Mar 23, 2022
In ion_buffer_kmap_get of ion.c, there is a possible use-after-free due to an integer overflow.... High Unreviewed
CVE-2021-39714 was published Mar 17, 2022
Denial of service in microweber High
CVE-2022-0961 was published for microweber/microweber (Composer) Mar 16, 2022
Integer Overflow in microweber High
CVE-2022-0968 was published for microweber/microweber (Composer) Mar 16, 2022
Integer Overflow or Wraparound in Microweber High
CVE-2022-0913 was published for microweber/microweber (Composer) Mar 12, 2022
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with... High Unreviewed
CVE-2022-0204 was published Mar 11, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote... High Unreviewed
CVE-2022-25291 was published Mar 5, 2022
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw... High Unreviewed
CVE-2021-20300 was published Mar 5, 2022
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption High
CVE-2024-22051 was published for commonmarker (RubyGems) Mar 3, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this... High Unreviewed
CVE-2021-22319 was published Feb 26, 2022
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful... High Unreviewed
CVE-2021-22437 was published Feb 26, 2022
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function... High Unreviewed
CVE-2022-25062 was published Feb 26, 2022
An integer overflow in the processing of loaded 2D images leads to a write-what-where... High Unreviewed
CVE-2022-0545 was published Feb 25, 2022
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds... High Unreviewed
CVE-2022-0546 was published Feb 25, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. High Unreviewed
CVE-2022-25314 was published Feb 19, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2022-24354 was published Feb 19, 2022
ProTip! Advisories are also available from the GraphQL API