GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
282 advisories
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9199 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical | Unreviewed | CVE-2017-9187 was published May 17, 2022

Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC...
Critical | Unreviewed | CVE-2016-6999 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer...
Critical | Unreviewed | CVE-2016-10346 was published May 17, 2022

Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote...
Critical | Unreviewed | CVE-2016-3078 was published May 17, 2022

Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an...
Critical | Unreviewed | CVE-2017-14636 was published May 17, 2022

In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp...
Critical | Unreviewed | CVE-2017-14630 was published May 17, 2022

tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer()...
Critical | Unreviewed | CVE-2016-9538 was published May 17, 2022

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate...
Critical | Unreviewed | CVE-2017-1000121 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162...
Critical | Unreviewed | CVE-2016-4287 was published May 14, 2022

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in...
Critical | Unreviewed | CVE-2016-5770 was published May 14, 2022

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c...
Critical | Unreviewed | CVE-2016-7938 was published May 14, 2022

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow...
Critical | Unreviewed | CVE-2017-2987 was published May 14, 2022

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set...
Critical | Unreviewed | CVE-2017-5885 was published May 14, 2022

Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have...
Critical | Unreviewed | CVE-2017-12465 was published May 14, 2022

Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context...
Critical | Unreviewed | CVE-2017-12470 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2...
Critical | Unreviewed | CVE-2017-5804 was published May 14, 2022

Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2014-5044 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical | Unreviewed | CVE-2016-10494 was published May 14, 2022

In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before...
Critical | Unreviewed | CVE-2017-17766 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC,...
Critical | Unreviewed | CVE-2016-10412 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210...
Critical | Unreviewed | CVE-2016-10407 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210...
Critical | Unreviewed | CVE-2016-10475 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617...
Critical | Unreviewed | CVE-2016-10478 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400...
Critical | Unreviewed | CVE-2015-9219 was published May 14, 2022