GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,339 advisories
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with...
High | Unreviewed | CVE-2022-40303 was published Nov 23, 2022

In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an...
High | Unreviewed | CVE-2022-42533 was published Nov 18, 2022

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer...
High | Unreviewed | CVE-2022-44638 was published Nov 3, 2022

An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost...
High | Unreviewed | CVE-2022-32775 was published Oct 25, 2022

In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer...
High | Unreviewed | CVE-2021-0951 was published Oct 12, 2022

The trudesk application allows large characters to insert in the input field "Full Name" on the...
High | Unreviewed | CVE-2022-1718 was published Sep 30, 2022

A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in ...
High | Unreviewed | CVE-2022-2566 was published Sep 25, 2022

Memory corruption in audio while playing record due to improper list handling in two threads in...
High | Unreviewed | CVE-2022-22089 was published Sep 17, 2022

Possible integer overflow and memory corruption due to improper validation of buffer size sent to...
High | Unreviewed | CVE-2022-25656 was published Sep 17, 2022

In PVRSRVBridgePMRPDumpSymbolicAddr of the PowerVR kernel driver, a missing size check means...
High | Unreviewed | CVE-2021-0871 was published Sep 14, 2022

An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video...
High | Unreviewed | CVE-2022-39842 was published Sep 6, 2022

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder ...
High | Unreviewed | CVE-2022-38784 was published Aug 31, 2022

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to...
High | Unreviewed | CVE-2022-24106 was published Aug 31, 2022

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
High | Unreviewed | CVE-2022-24107 was published Aug 31, 2022

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass...
High | Unreviewed | CVE-2021-20304 was published Aug 24, 2022

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream:...
High | Unreviewed | CVE-2022-38171 was published Aug 23, 2022

In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead...
High | Unreviewed | CVE-2022-20362 was published Aug 13, 2022

In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead...
High | Unreviewed | CVE-2022-20283 was published Aug 13, 2022

In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a possible out of bounds write...
High | Unreviewed | CVE-2022-20383 was published Aug 12, 2022

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A...
High | Unreviewed | CVE-2022-29886 was published Aug 6, 2022

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A...
High | Unreviewed | CVE-2022-32543 was published Aug 6, 2022

Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
High | Unreviewed | CVE-2022-2454 was published Jul 20, 2022

DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow...
High | Unreviewed | CVE-2022-1925 was published Jul 20, 2022

DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in...
High | Unreviewed | CVE-2022-1924 was published Jul 20, 2022

DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in...
High | Unreviewed | CVE-2022-1923 was published Jul 20, 2022

ProTip! Advisories are also available from the GraphQL API.