GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
297 advisories
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw...
Critical | Unreviewed | CVE-2017-6889 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c...
Critical | Unreviewed | CVE-2017-9162 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c...
Critical | Unreviewed | CVE-2017-9161 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9184 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9186 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9185 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9198 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9199 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9200 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9197 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9187 was published May 17, 2022
Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC...
Critical | Unreviewed | CVE-2016-6999 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer...
Critical | Unreviewed | CVE-2016-10346 was published May 17, 2022
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote...
Critical | Unreviewed | CVE-2016-3078 was published May 17, 2022
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an...
Critical | Unreviewed | CVE-2017-14636 was published May 17, 2022
In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp...
Critical | Unreviewed | CVE-2017-14630 was published May 17, 2022
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer()...
Critical | Unreviewed | CVE-2016-9538 was published May 17, 2022
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate...
Critical | Unreviewed | CVE-2017-1000121 was published May 17, 2022
Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162...
Critical | Unreviewed | CVE-2016-4287 was published May 14, 2022
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in...
Critical | Unreviewed | CVE-2016-5770 was published May 14, 2022
The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c...
Critical | Unreviewed | CVE-2016-7938 was published May 14, 2022
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow...
Critical | Unreviewed | CVE-2017-2987 was published May 14, 2022
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set...
Critical | Unreviewed | CVE-2017-5885 was published May 14, 2022
Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have...
Critical | Unreviewed | CVE-2017-12465 was published May 14, 2022
Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context...
Critical | Unreviewed | CVE-2017-12470 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.