GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
286 advisories
Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer...
Critical | Unreviewed | CVE-2022-48335 was published Jun 26, 2023

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len...
Critical | Unreviewed | CVE-2022-48334 was published Jun 26, 2023

Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer...
Critical | Unreviewed | CVE-2022-48336 was published Jun 26, 2023

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer...
Critical | Unreviewed | CVE-2022-48332 was published Jun 26, 2023

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len...
Critical | Unreviewed | CVE-2022-48333 was published Jun 26, 2023

Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len...
Critical | Unreviewed | CVE-2022-48331 was published Jun 26, 2023

RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2).
Critical | Unreviewed | CVE-2023-33863 was published Jun 7, 2023

RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2).
Critical | Unreviewed | CVE-2023-33864 was published Jun 7, 2023

The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7...
Critical | Unreviewed | CVE-2023-23298 was published May 23, 2023

Buffer overflow in sponge queue functions
Critical | CVE-2022-37454 was published for pysha3 (RubyGems) Apr 26, 2023

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who...
Critical | Unreviewed | CVE-2023-2136 was published Apr 19, 2023

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow...
Critical | Unreviewed | CVE-2021-33797 was published Apr 18, 2023

Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
Critical | Unreviewed | CVE-2023-26065 was published Apr 10, 2023

An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for...
Critical | Unreviewed | CVE-2023-28613 was published Apr 4, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical | Unreviewed | CVE-2023-28501 was published Mar 29, 2023

In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to...
Critical | Unreviewed | CVE-2022-20532 was published Mar 24, 2023

A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is...
Critical | Unreviewed | CVE-2021-4327 was published Mar 1, 2023

The affected products are vulnerable to an integer overflow or wraparound, which could allow an...
Critical | Unreviewed | CVE-2023-0754 was published Feb 24, 2023

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer...
Critical | Unreviewed | CVE-2022-2329 was published Feb 1, 2023

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime ...
Critical | Unreviewed | CVE-2022-24963 was published Jan 31, 2023

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based...
Critical | Unreviewed | CVE-2022-28331 was published Jan 31, 2023

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime...
Critical | Unreviewed | CVE-2022-25147 was published Jan 31, 2023

Integer overflow in publify_core
Critical | CVE-2022-1812 was published for publify_core (RubyGems) Jan 14, 2023

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser...
Critical | Unreviewed | CVE-2022-3515 was published Jan 12, 2023

Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM)...
Critical | Unreviewed | CVE-2023-0077 was published Jan 5, 2023