Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

204 advisories

Loading
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation... High Unreviewed
CVE-2023-39413 was published Jan 8, 2024
An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1... Moderate Unreviewed
CVE-2023-43628 was published Dec 5, 2023
Memory corruption in Audio while processing the VOC packet data from ADSP. High Unreviewed
CVE-2023-33059 was published Nov 14, 2023
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect... High Unreviewed
CVE-2023-47360 was published Nov 13, 2023
7-Zip through 22.01 on Linux allows an integer underflow and code execution via a crafted 7Z... High Unreviewed
CVE-2023-31102 was published Nov 3, 2023
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of... High Unreviewed
CVE-2023-22308 was published Oct 12, 2023
gnark unsoundness in variable comparison / non-unique binary decomposition Moderate
CVE-2023-44378 was published for github.com/consensys/gnark (Go) Oct 4, 2023
kustosz
An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of... High Unreviewed
CVE-2023-32653 was published Sep 25, 2023
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an... High Unreviewed
CVE-2022-28733 was published Jul 20, 2023
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow... High Unreviewed
CVE-2023-35790 was published Jun 16, 2023
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along... High Unreviewed
CVE-2023-21630 was published Apr 13, 2023
Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are... High Unreviewed
CVE-2023-26421 was published Apr 12, 2023
In keyinstall, there is a possible information disclosure due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-20635 was published Mar 7, 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-38681 was published Feb 12, 2023
A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring... Moderate Unreviewed
CVE-2023-0469 was published Jan 26, 2023
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Critical Unreviewed
CVE-2022-4338 was published Jan 11, 2023
In wlan driver, there is a possible missing bounds check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-44444 was published Jan 4, 2023
A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial... High Unreviewed
CVE-2022-37301 was published Nov 22, 2022
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText... Moderate Unreviewed
CVE-2022-3165 was published Oct 17, 2022
An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted... High Unreviewed
CVE-2022-27492 was published Sep 25, 2022
A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in... High Unreviewed
CVE-2022-2335 was published Aug 18, 2022
The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating,... Moderate Unreviewed
CVE-2021-25121 was published Jun 21, 2022
ZAngband zangband-data 2.7.5 is affected by an integer underflow vulnerability in src/tk/plat.c... Critical Unreviewed
CVE-2021-40589 was published Jun 9, 2022
An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G... Moderate Unreviewed
CVE-2022-30787 was published May 27, 2022
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of... Critical Unreviewed
CVE-2021-21811 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database