Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

302 advisories

Loading
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S... Critical Unreviewed
CVE-2017-12179 was published May 13, 2022
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function... Critical Unreviewed
CVE-2017-12177 was published May 13, 2022
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project... Critical Unreviewed
CVE-2025-52581 was published Aug 25, 2025
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project... Critical Unreviewed
CVE-2025-53518 was published Aug 25, 2025
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c... Critical Unreviewed
CVE-2023-47212 was published May 1, 2024
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42019 was published Mar 9, 2022
Integer Overflow vulnerability in mp_grow in libtom libtommath before commit... Critical Unreviewed
CVE-2023-36328 was published Sep 1, 2023
Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly (src/redis/lua/struct... Critical Unreviewed
CVE-2025-52935 was published Jun 23, 2025
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This... Critical Unreviewed
CVE-2025-49710 was published Jun 11, 2025
An integer overflow in WhatsApp could result in remote code execution in an established video call. Critical Unreviewed
CVE-2022-36934 was published Sep 23, 2022
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Critical Unreviewed
CVE-2022-23990 was published Feb 10, 2022
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for... Critical Unreviewed
CVE-2022-23852 was published Feb 10, 2022
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to... Critical Unreviewed
CVE-2022-23943 was published Mar 15, 2022
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond... Critical Unreviewed
CVE-2022-28615 was published Jun 10, 2022
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based... Critical Unreviewed
CVE-2025-23016 was published Jan 10, 2025
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the... Critical Unreviewed
CVE-2017-1000158 was published May 13, 2022
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus... Critical Unreviewed
CVE-2012-6706 was published May 14, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c... Critical Unreviewed
CVE-2017-9161 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c... Critical Unreviewed
CVE-2017-9200 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c... Critical Unreviewed
CVE-2017-9199 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c... Critical Unreviewed
CVE-2017-9197 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c... Critical Unreviewed
CVE-2017-9198 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in... Critical Unreviewed
CVE-2017-9196 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed
CVE-2017-9186 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed
CVE-2017-9187 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database