Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

293 advisories

Loading
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... Critical Unreviewed
CVE-2024-44087 was published Sep 10, 2024
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading... Critical Unreviewed
CVE-2024-45287 was published Sep 5, 2024
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling... Critical Unreviewed
CVE-2024-30949 was published Aug 20, 2024
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer... Critical Unreviewed
CVE-2024-41184 was published Jul 18, 2024
Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib Critical
GHSA-q5fm-55c2-v6j9 was published for fiona (pip) Jul 16, 2024
sgillies
tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming... Critical Unreviewed
CVE-2024-1305 was published Jul 8, 2024
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2024-32913 was published Jun 13, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow.... Critical Unreviewed
CVE-2024-5171 was published Jun 5, 2024
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c... Critical Unreviewed
CVE-2023-47212 was published May 1, 2024
transpose: Buffer overflow due to integer overflow Critical
GHSA-5gmm-6m36-r7jh was published for transpose (Rust) Apr 5, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series... Critical Unreviewed
CVE-2024-0803 was published Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series... Critical Unreviewed
CVE-2024-1916 was published Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series... Critical Unreviewed
CVE-2024-1917 was published Mar 15, 2024
An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig... Critical Unreviewed
CVE-2024-21812 was published Feb 20, 2024
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute... Critical Unreviewed
CVE-2024-22860 was published Jan 27, 2024
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute... Critical Unreviewed
CVE-2024-22862 was published Jan 27, 2024
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer... Critical Unreviewed
CVE-2023-52389 was published Jan 27, 2024
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Critical Unreviewed
CVE-2023-33032 was published Jan 2, 2024
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3... Critical Unreviewed
CVE-2023-51714 was published Dec 24, 2023
PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an... Critical Unreviewed
CVE-2023-44709 was published Dec 14, 2023
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who... Critical Unreviewed
CVE-2023-6345 was published Nov 29, 2023
pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependency Critical
CVE-2023-45853 was published for pyminizip (pip) Oct 14, 2023
Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data... Critical Unreviewed
CVE-2023-35967 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of... Critical Unreviewed
CVE-2023-35965 was published Oct 11, 2023
Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of... Critical Unreviewed
CVE-2023-35966 was published Oct 11, 2023
ProTip! Advisories are also available from the GraphQL API