Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

286 advisories

Loading
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer... Critical Unreviewed
CVE-2022-48335 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len... Critical Unreviewed
CVE-2022-48334 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer... Critical Unreviewed
CVE-2022-48336 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer... Critical Unreviewed
CVE-2022-48332 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len... Critical Unreviewed
CVE-2022-48333 was published Jun 26, 2023
Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len... Critical Unreviewed
CVE-2022-48331 was published Jun 26, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). Critical Unreviewed
CVE-2023-33863 was published Jun 7, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). Critical Unreviewed
CVE-2023-33864 was published Jun 7, 2023
The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7... Critical Unreviewed
CVE-2023-23298 was published May 23, 2023
Buffer overflow in sponge queue functions Critical
CVE-2022-37454 was published for pysha3 (RubyGems) Apr 26, 2023
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who... Critical Unreviewed
CVE-2023-2136 was published Apr 19, 2023
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow... Critical Unreviewed
CVE-2021-33797 was published Apr 18, 2023
Certain Lexmark devices through 2023-02-19 have an Integer Overflow. Critical Unreviewed
CVE-2023-26065 was published Apr 10, 2023
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for... Critical Unreviewed
CVE-2023-28613 was published Apr 4, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed
CVE-2023-28501 was published Mar 29, 2023
In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to... Critical Unreviewed
CVE-2022-20532 was published Mar 24, 2023
A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is... Critical Unreviewed
CVE-2021-4327 was published Mar 1, 2023
The affected products are vulnerable to an integer overflow or wraparound, which could allow an... Critical Unreviewed
CVE-2023-0754 was published Feb 24, 2023
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer... Critical Unreviewed
CVE-2022-2329 was published Feb 1, 2023
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime ... Critical Unreviewed
CVE-2022-24963 was published Jan 31, 2023
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based... Critical Unreviewed
CVE-2022-28331 was published Jan 31, 2023
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime... Critical Unreviewed
CVE-2022-25147 was published Jan 31, 2023
Integer overflow in publify_core Critical
CVE-2022-1812 was published for publify_core (RubyGems) Jan 14, 2023
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser... Critical Unreviewed
CVE-2022-3515 was published Jan 12, 2023
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM)... Critical Unreviewed
CVE-2023-0077 was published Jan 5, 2023
ProTip! Advisories are also available from the GraphQL API