GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
282 advisories
Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon...
Critical | Unreviewed | CVE-2018-13886 was published May 24, 2022

Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto,...
Critical | Unreviewed | CVE-2018-13887 was published May 24, 2022

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to...
Critical | Unreviewed | CVE-2019-2046 was published May 24, 2022

Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows...
Critical | Unreviewed | CVE-2016-4344 was published May 17, 2022

Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP...
Critical | Unreviewed | CVE-2016-4345 was published May 17, 2022

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before...
Critical | Unreviewed | CVE-2016-5769 was published May 17, 2022

On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so...
Critical | Unreviewed | CVE-2016-7990 was published May 17, 2022

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to...
Critical | Unreviewed | CVE-2016-5841 was published May 17, 2022

Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a...
Critical | Unreviewed | CVE-2016-8438 was published May 17, 2022

Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0...
Critical | Unreviewed | CVE-2016-6164 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182...
Critical | Unreviewed | CVE-2016-0993 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182...
Critical | Unreviewed | CVE-2016-1010 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182...
Critical | Unreviewed | CVE-2016-0963 was published May 17, 2022

Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified...
Critical | Unreviewed | CVE-2016-6871 was published May 17, 2022

Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have...
Critical | Unreviewed | CVE-2016-6872 was published May 17, 2022

In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which...
Critical | Unreviewed | CVE-2016-9132 was published May 17, 2022

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw...
Critical | Unreviewed | CVE-2017-6889 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c...
Critical | Unreviewed | CVE-2017-9161 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c...
Critical | Unreviewed | CVE-2017-9162 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9184 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9185 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9186 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9198 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9199 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9200 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.