GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (All reviewed: 5,000+)
Composer: 4,239; Erlang: 31; GitHub Actions: 21; Go: 2,007; Maven: 5,000+; npm: 3,716; NuGet: 662; pip: 3,388; Pub: 11; RubyGems: 885; Rust: 851; Swift: 36
Unreviewed advisories (All unreviewed: 5,000+)
297 advisories

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile...
Critical | Unreviewed | CVE-2022-25651 was published Jun 15, 2022

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function...
Critical | Unreviewed | CVE-2022-32073 was published Jul 14, 2022

Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause...
Critical | Unreviewed | CVE-2022-33719 was published Aug 6, 2022

lz4-sys vulnerable to memory corruption via issue in liblz4
Critical | GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote...
Critical | Unreviewed | CVE-2022-31789 was published Sep 7, 2022

Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in...
Critical | Unreviewed | CVE-2022-22105 was published Sep 17, 2022

An integer overflow in WhatsApp could result in remote code execution in an established video call.
Critical | Unreviewed | CVE-2022-36934 was published Sep 23, 2022

An internal reference count is held on the buffer pool, incremented every time a new buffer is...
Critical | Unreviewed | CVE-2021-3782 was published Sep 25, 2022

A write-what-where condition in hermes caused by an integer overflow, prior to commit...
Critical | Unreviewed | CVE-2022-35289 was published Oct 11, 2022

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in...
Critical | Unreviewed | CVE-2022-25748 was published Oct 19, 2022

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
Critical | Unreviewed | CVE-2022-47629 was published Dec 21, 2022

Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM)...
Critical | Unreviewed | CVE-2023-0077 was published Jan 5, 2023

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser...
Critical | Unreviewed | CVE-2022-3515 was published Jan 12, 2023

Integer overflow in publify_core
Critical | CVE-2022-1812 was published for publify_core (RubyGems) Jan 14, 2023

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based...
Critical | Unreviewed | CVE-2022-28331 was published Jan 31, 2023

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime...
Critical | Unreviewed | CVE-2022-25147 was published Jan 31, 2023

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime ...
Critical | Unreviewed | CVE-2022-24963 was published Jan 31, 2023

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer...
Critical | Unreviewed | CVE-2022-2329 was published Feb 1, 2023

The affected products are vulnerable to an integer overflow or wraparound, which could allow an...
Critical | Unreviewed | CVE-2023-0754 was published Feb 24, 2023

A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is...
Critical | Unreviewed | CVE-2021-4327 was published Mar 1, 2023

In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to...
Critical | Unreviewed | CVE-2022-20532 was published Mar 24, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical | Unreviewed | CVE-2023-28501 was published Mar 29, 2023

An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for...
Critical | Unreviewed | CVE-2023-28613 was published Apr 4, 2023

Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
Critical | Unreviewed | CVE-2023-26065 was published Apr 10, 2023

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow...
Critical | Unreviewed | CVE-2021-33797 was published Apr 18, 2023

Advisories are also available from the GraphQL API.