GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,063 advisories
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-38104
was published
May 3, 2024
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-38103
was published
May 3, 2024
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-37327
was published
May 3, 2024
A heap-based buffer overflow vulnerability exists in the comment functionality of stb_vorbis.c...
Critical
Unreviewed
CVE-2023-47212
was published
May 1, 2024
An integer overflow or wraparound vulnerability has been reported to affect several QNAP...
Moderate
Unreviewed
CVE-2024-21905
was published
Apr 26, 2024
CosmWasm affected by arithmetic overflows
Low
GHSA-8724-5xmm-w5xq
was published
for
cosmwasm-std
(Rust)
Apr 24, 2024
Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound...
High
Unreviewed
CVE-2024-20795
was published
Apr 11, 2024
Secure Boot Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-28923
was published
Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28931
was published
Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28936
was published
Apr 9, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28942
was published
Apr 9, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-28929
was published
Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-26171
was published
Apr 9, 2024
libdav1d-sys affected by dav1d AV1 decoder integer overflow
Moderate
GHSA-mc39-h54g-pvw6
was published
for
libdav1d-sys
(Rust)
Apr 5, 2024
transpose: Buffer overflow due to integer overflow
Critical
GHSA-5gmm-6m36-r7jh
was published
for
transpose
(Rust)
Apr 5, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-1916
was published
Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-0803
was published
Mar 15, 2024
Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series...
Critical
Unreviewed
CVE-2024-1917
was published
Mar 15, 2024
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker...
Unknown
Unreviewed
CVE-2024-22396
was published
Mar 14, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21441
was published
Mar 12, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21450
was published
Mar 12, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21444
was published
Mar 12, 2024
pgproto3 SQL Injection via Protocol Message Size Overflow
Moderate
GHSA-7jwh-3vrq-q3m8
was published
for
github.com/jackc/pgproto3
(Go)
Mar 4, 2024
pgx SQL Injection via Protocol Message Size Overflow
Moderate
CVE-2024-27304
was published
for
github.com/jackc/pgproto3
(Go)
Mar 4, 2024
Memory corruption while processing a QMI request for allocating memory from a DHMS supported...
High
Unreviewed
CVE-2023-43550
was published
Mar 4, 2024
ProTip! Advisories are also available from the GraphQL API.