Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Loading
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based... Critical Unreviewed
CVE-2025-23016 was published Jan 10, 2025
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker... Critical Unreviewed
CVE-2024-40765 was published Jan 9, 2025
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). Critical Unreviewed
CVE-2023-33864 was published Jun 7, 2023
RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). Critical Unreviewed
CVE-2023-33863 was published Jun 7, 2023
Integer overflow vulnerability exists in SimplCommerce at commit... Critical Unreviewed
CVE-2024-50944 was published Dec 27, 2024
Product: AndroidVersions: Android SoCAndroid ID: A-277775870 Critical Unreviewed
CVE-2021-0701 was published Jun 15, 2023
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-49112 was published Dec 12, 2024
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the... Critical Unreviewed
CVE-2024-36671 was published Nov 29, 2024
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of... Critical Unreviewed
CVE-2024-35366 was published Nov 29, 2024
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c... Critical Unreviewed
CVE-2024-46613 was published Nov 10, 2024
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of... Critical Unreviewed
CVE-2024-46483 was published Oct 23, 2024
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can... Critical Unreviewed
CVE-2018-10244 was published May 14, 2022
The authentication mechanism can be bypassed by overflowing the value of the Cookie ... Critical Unreviewed
CVE-2023-49262 was published Jan 12, 2024
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation... Critical Unreviewed
CVE-2024-44087 was published Sep 10, 2024
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading... Critical Unreviewed
CVE-2024-45287 was published Sep 5, 2024
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling... Critical Unreviewed
CVE-2024-30949 was published Aug 20, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow.... Critical Unreviewed
CVE-2024-5171 was published Jun 5, 2024
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer... Critical Unreviewed
CVE-2024-41184 was published Jul 18, 2024
In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2024-32913 was published Jun 13, 2024
tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming... Critical Unreviewed
CVE-2024-1305 was published Jul 8, 2024
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who... Critical Unreviewed
CVE-2023-6345 was published Nov 29, 2023
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c... Critical Unreviewed
CVE-2023-47212 was published May 1, 2024
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3... Critical Unreviewed
CVE-2023-51714 was published Dec 24, 2023
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Critical Unreviewed
CVE-2023-33032 was published Jan 2, 2024
Various Lexmark products have an Integer Overflow. Critical Unreviewed
CVE-2019-9930 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database