Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

55 advisories

vyper's range(start, start + N) reverts for negative numbers Moderate
CVE-2024-32481 was published for vyper (pip) Apr 25, 2024
trocher
Microsoft ODBC Driver Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26162 was published Mar 12, 2024
Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated... Moderate Unreviewed
CVE-2023-28063 was published Feb 6, 2024
Okio Signed to Unsigned Conversion Error vulnerability Moderate
CVE-2023-3635 was published for com.squareup.okio:okio (Maven) Jul 12, 2023
trettstadtnlb adrienpessu
A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive... High Unreviewed
CVE-2023-20006 was published Jun 28, 2023
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign... High Unreviewed
CVE-2023-0185 was published Apr 1, 2023
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of... Critical Unreviewed
CVE-2022-43663 was published Mar 20, 2023
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed... Moderate Unreviewed
CVE-2022-42324 was published Nov 1, 2022
An integer conversion error in Hermes bytecode generation, prior to commit... Critical Unreviewed
CVE-2022-40138 was published Oct 11, 2022
Besu VM vulnerable to gas allocation error in CALL operations Critical
CVE-2022-36025 was published for org.hyperledger.besu:evm (Maven) Sep 23, 2022
holiman
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large... High Unreviewed
CVE-2022-2639 was published Sep 2, 2022
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets High
CVE-2022-34169 was published for xalan:xalan (Maven) Jul 20, 2022
udengaardandersent-ELS Diddern
skuma762_uhg
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this... High Unreviewed
CVE-2014-125011 was published Jun 19, 2022
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2014-125012 was published Jun 19, 2022
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux... Moderate Unreviewed
CVE-2020-28588 was published May 24, 2022
An exploitable signed conversion vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13545 was published May 24, 2022
An exploitable sign extension vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13544 was published May 24, 2022
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for... Critical Unreviewed
CVE-2021-36357 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21860 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21861 was published May 24, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer... High Unreviewed
CVE-2021-32461 was published May 24, 2022
Due to unexpected data type conversions, a use-after-free could have occurred when interacting... High Unreviewed
CVE-2021-23997 was published May 24, 2022
Windows MSHTML Platform Remote Code Execution Vulnerability High Unreviewed
CVE-2021-33742 was published May 24, 2022
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If... High Unreviewed
CVE-2021-27218 was published May 24, 2022
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function... High Unreviewed
CVE-2021-27219 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API