Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant... High Unreviewed
CVE-2022-27882 was published Mar 26, 2022
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote... High Unreviewed
CVE-2008-1721 was published May 1, 2022
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote... Critical Unreviewed
CVE-2016-3074 was published May 14, 2022
Signed to Unsigned Conversion Error in Facebook Hermes High
CVE-2020-1913 was published for hermes-engine (npm) May 24, 2022
An exploitable sign extension vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13544 was published May 24, 2022
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this... High Unreviewed
CVE-2014-125011 was published Jun 19, 2022
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2014-125012 was published Jun 19, 2022
Besu VM vulnerable to gas allocation error in CALL operations Critical
CVE-2022-36025 was published for org.hyperledger.besu:evm (Maven) Sep 23, 2022
holiman
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a... High Unreviewed
CVE-2019-19317 was published May 24, 2022
Due to unexpected data type conversions, a use-after-free could have occurred when interacting... High Unreviewed
CVE-2021-23997 was published May 24, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer... High Unreviewed
CVE-2021-32461 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21861 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21860 was published May 24, 2022
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for... Critical Unreviewed
CVE-2021-36357 was published May 24, 2022
An exploitable signed conversion vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13545 was published May 24, 2022
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux... Moderate Unreviewed
CVE-2020-28588 was published May 24, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... High Unreviewed
CVE-2022-27189 was published May 6, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27478 was published May 13, 2022
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow Low
CVE-2019-16778 was published for tensorflow (pip) Dec 16, 2019
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin... High Unreviewed
CVE-2019-9749 was published May 13, 2022
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows... Moderate Unreviewed
CVE-2010-2807 was published May 13, 2022
Segfault in tf.raw_ops.ImmutableConst Low
CVE-2021-29539 was published for tensorflow (pip) May 21, 2021
Integer overflow due to conversion to unsigned Moderate
CVE-2021-37645 was published for tensorflow (pip) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion Moderate
CVE-2021-37646 was published for tensorflow (pip) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API