GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
33 advisories
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of...
Critical · Unreviewed · CVE-2021-21811 was published May 24, 2022
ZAngband zangband-data 2.7.5 is affected by an integer underflow vulnerability in src/tk/plat.c...
Critical · Unreviewed · CVE-2021-40589 was published Jun 9, 2022
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function...
Critical · Unreviewed · CVE-2019-10053 was published May 24, 2022
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an...
Critical · Unreviewed · CVE-2019-14532 was published May 24, 2022
Possible out of bound memory access in audio due to integer underflow while processing modified...
Critical · Unreviewed · CVE-2020-3691 was published May 24, 2022
Integer underflow can occur when the RTCP length is less than the actual blocks present in...
Critical · Unreviewed · CVE-2021-1919 was published May 24, 2022
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto,...
Critical · Unreviewed · CVE-2021-1920 was published May 24, 2022
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer...
Critical · Unreviewed · CVE-2021-33315 was published May 12, 2022
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer...
Critical · Unreviewed · CVE-2021-33316 was published May 12, 2022
Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES...
Critical · Unreviewed · CVE-2015-0537 was published May 13, 2022
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message,...
Critical · Unreviewed · CVE-2017-9214 was published May 13, 2022
Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a...
Critical · Unreviewed · CVE-2016-1925 was published May 13, 2022
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in...
Critical · Unreviewed · CVE-2018-14353 was published May 13, 2022
Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow vulnerability has been identified,...
Critical · Unreviewed · CVE-2018-14817 was published May 13, 2022
Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to...
Critical · Unreviewed · CVE-2017-11757 was published May 13, 2022
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap...
Critical · Unreviewed · CVE-2018-20180 was published May 13, 2022
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap...
Critical · Unreviewed · CVE-2018-20179 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical · Unreviewed · CVE-2015-9129 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical · Unreviewed · CVE-2015-9167 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical · Unreviewed · CVE-2015-9198 was published May 14, 2022
An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This...
Critical · Unreviewed · CVE-2017-8911 was published May 17, 2022
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics...
Critical · Unreviewed · CVE-2016-10166 was published May 17, 2022
Integer underflow in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 might allow...
Critical · Unreviewed · CVE-2015-2311 was published May 17, 2022
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Critical · Unreviewed · CVE-2022-4338 was published Jan 11, 2023
Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to...
Critical · Unreviewed · CVE-2024-0808 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API.