GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
45 advisories
Filter by severity
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which...
High
Unreviewed
CVE-2021-32996
was published
Jan 11, 2022
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant...
High
Unreviewed
CVE-2022-27882
was published
Mar 26, 2022
Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10...
High
Unreviewed
CVE-2007-4268
was published
May 1, 2022
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context...
Moderate
Unreviewed
CVE-2007-4988
was published
May 1, 2022
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote...
High
Unreviewed
CVE-2008-1721
was published
May 1, 2022
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the...
High
Unreviewed
CVE-2008-3282
was published
May 1, 2022
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and...
High
Unreviewed
CVE-2009-0231
was published
May 2, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High
Unreviewed
CVE-2022-27189
was published
May 6, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and...
High
Unreviewed
CVE-2021-27478
was published
May 13, 2022
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin...
High
Unreviewed
CVE-2019-9749
was published
May 13, 2022
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows...
Moderate
Unreviewed
CVE-2010-2807
was published
May 13, 2022
The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka...
Moderate
Unreviewed
CVE-2017-17446
was published
May 13, 2022
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative...
Moderate
Unreviewed
CVE-2018-5251
was published
May 13, 2022
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7...
Moderate
Unreviewed
CVE-2018-5711
was published
May 13, 2022
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote...
Critical
Unreviewed
CVE-2016-3074
was published
May 14, 2022
PowerDNS Authoritative daemon , all versions pdns 4.1.x before pdns 4.1.10, exiting when...
Moderate
Unreviewed
CVE-2019-10203
was published
May 24, 2022
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in...
Critical
Unreviewed
CVE-2019-14842
was published
May 24, 2022
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a...
High
Unreviewed
CVE-2019-19317
was published
May 24, 2022
Windows Kernel Local Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2020-17087
was published
May 24, 2022
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function...
High
Unreviewed
CVE-2021-27219
was published
May 24, 2022
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If...
High
Unreviewed
CVE-2021-27218
was published
May 24, 2022
Windows MSHTML Platform Remote Code Execution Vulnerability
High
Unreviewed
CVE-2021-33742
was published
May 24, 2022
Due to unexpected data type conversions, a use-after-free could have occurred when interacting...
High
Unreviewed
CVE-2021-23997
was published
May 24, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer...
High
Unreviewed
CVE-2021-32461
was published
May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality...
High
Unreviewed
CVE-2021-21861
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API