Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,436
Erlang
29
GitHub Actions
16
Go
1,661
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

164 advisories

Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-42118 was published May 3, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35... High Unreviewed
CVE-2024-26913 was published Apr 17, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28930 was published Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28933 was published Apr 9, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28945 was published Apr 9, 2024
Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26244 was published Apr 9, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26208 was published Apr 9, 2024
In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable... Moderate Unreviewed
CVE-2021-46951 was published Feb 27, 2024
An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig... Critical Unreviewed
CVE-2024-23313 was published Feb 20, 2024
Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to... Critical Unreviewed
CVE-2024-0808 was published Jan 24, 2024
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client... High Unreviewed
CVE-2024-0565 was published Jan 15, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21309 was published Jan 9, 2024
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation... High Unreviewed
CVE-2023-39413 was published Jan 8, 2024
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation... High Unreviewed
CVE-2023-39414 was published Jan 8, 2024
An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1... Moderate Unreviewed
CVE-2023-43628 was published Dec 5, 2023
Memory corruption in Audio while processing the VOC packet data from ADSP. High Unreviewed
CVE-2023-33059 was published Nov 14, 2023
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect... High Unreviewed
CVE-2023-47360 was published Nov 13, 2023
7-Zip through 22.01 on Linux allows an integer underflow and code execution via a crafted 7Z... High Unreviewed
CVE-2023-31102 was published Nov 3, 2023
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of... High Unreviewed
CVE-2023-22308 was published Oct 12, 2023
gnark unsoundness in variable comparison / non-unique binary decomposition Moderate
CVE-2023-44378 was published for github.com/consensys/gnark (Go) Oct 4, 2023
kustosz
An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of... High Unreviewed
CVE-2023-32653 was published Sep 25, 2023
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an... High Unreviewed
CVE-2022-28733 was published Jul 20, 2023
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow... High Unreviewed
CVE-2023-35790 was published Jun 16, 2023
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along... High Unreviewed
CVE-2023-21630 was published Apr 13, 2023
Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are... High Unreviewed
CVE-2023-26421 was published Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API