GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,665
Maven
4,925
npm
3,453
NuGet
594
pip
2,854
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,042 advisories
Filter by severity
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through...
Low
Unreviewed
CVE-2024-3757
was published
May 7, 2024
Memory corruption in HLOS while checking for the storage type.
Moderate
Unreviewed
CVE-2023-43530
was published
May 6, 2024
GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-44443
was published
May 3, 2024
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability...
High
Unreviewed
CVE-2023-41185
was published
May 3, 2024
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-40474
was published
May 3, 2024
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-40475
was published
May 3, 2024
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-38103
was published
May 3, 2024
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-38104
was published
May 3, 2024
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-37327
was published
May 3, 2024
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c...
Critical
Unreviewed
CVE-2023-47212
was published
May 1, 2024
An integer overflow or wraparound vulnerability has been reported to affect several QNAP...
Moderate
Unreviewed
CVE-2024-21905
was published
Apr 26, 2024
CosmWasm affected by arithmetic overflows
Low
GHSA-8724-5xmm-w5xq
was published
for
cosmwasm-std
(Rust)
Apr 24, 2024
Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound...
High
Unreviewed
CVE-2024-20795
was published
Apr 11, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28929
was published
Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-28923
was published
Apr 9, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28942
was published
Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28931
was published
Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28936
was published
Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-26171
was published
Apr 9, 2024
libdav1d-sys affected by dav1d AV1 decoder integer overflow
Moderate
GHSA-mc39-h54g-pvw6
was published
for
libdav1d-sys
(Rust)
Apr 5, 2024
transpose: Buffer overflow due to integer overflow
Critical
GHSA-5gmm-6m36-r7jh
was published
for
transpose
(Rust)
Apr 5, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-0803
was published
Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-1916
was published
Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-1917
was published
Mar 15, 2024
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker...
Unknown
Unreviewed
CVE-2024-22396
was published
Mar 14, 2024
ProTip!
Advisories are also available from the
GraphQL API