Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Loading
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was... Moderate Unreviewed
CVE-2022-23034 was published Jan 26, 2022
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly... Moderate Unreviewed
CVE-2022-0544 was published Feb 25, 2022
In preloader (usb), there is a possible out of bounds write due to a integer underflow. This... Moderate Unreviewed
CVE-2022-20073 was published Apr 12, 2022
Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior,... Moderate Unreviewed
CVE-2021-20607 was published Dec 18, 2021
An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G... Moderate Unreviewed
CVE-2022-30787 was published May 27, 2022
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR... Moderate Unreviewed
CVE-2021-26260 was published May 24, 2022
The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating,... Moderate Unreviewed
CVE-2021-25121 was published Jun 21, 2022
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an... Moderate Unreviewed
CVE-2019-1628 was published May 24, 2022
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc`... Moderate Unreviewed
CVE-2020-14378 was published May 24, 2022
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension... Moderate Unreviewed
CVE-2020-14346 was published May 24, 2022
Buffer overflow can occur while processing non-standard NAN message from user space. in... Moderate Unreviewed
CVE-2019-2297 was published May 24, 2022
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to... Moderate Unreviewed
CVE-2020-14361 was published May 24, 2022
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to... Moderate Unreviewed
CVE-2020-14362 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa... Moderate Unreviewed
CVE-2019-5148 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14699 was published May 24, 2022
An exploitable denial of service vulnerability exists in the freeDiameter functionality of... Moderate Unreviewed
CVE-2020-6098 was published May 24, 2022
Wazuh Manager in Wazuh through 4.1.5 is affected by a remote Integer Underflow vulnerability that... Moderate Unreviewed
CVE-2021-41821 was published May 24, 2022
An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0... Moderate Unreviewed
CVE-2021-26945 was published May 24, 2022
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText... Moderate Unreviewed
CVE-2022-3165 was published Oct 17, 2022
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of... Moderate Unreviewed
CVE-2018-3926 was published May 13, 2022
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the... Moderate Unreviewed
CVE-2015-5212 was published May 13, 2022
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't... Moderate Unreviewed
CVE-2019-9133 was published May 13, 2022
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a... Moderate Unreviewed
CVE-2010-2497 was published May 13, 2022
Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg... Moderate Unreviewed
CVE-2011-4031 was published May 13, 2022
An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for... Moderate Unreviewed
CVE-2017-8906 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database