Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME... Low Unreviewed
CVE-2025-4945 was published May 19, 2025
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in... Low Unreviewed
CVE-2025-2574 was published Mar 20, 2025
An integer overflow in the SMU could allow a privileged attacker to potentially write memory... Low Unreviewed
CVE-2023-31365 was published Sep 6, 2025
Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a... Low Unreviewed
CVE-2021-46750 was published Sep 6, 2025
Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series... Low Unreviewed
CVE-2025-24324 was published Aug 12, 2025
CosmWasm affected by arithmetic overflows Low
CVE-2024-58263 was published for cosmwasm-std (Rust) Apr 24, 2024
Duplicate Advisory: CosmWasm affected by arithmetic overflows Low
GHSA-rm83-pxjx-pr5j was published for cosmwasm-std (Rust) Jul 27, 2025 withdrawn
An integer overflow in the image processing binary of the MIB3 infotainment unit allows an... Low Unreviewed
CVE-2023-28903 was published Jun 28, 2025
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is... Low Unreviewed
CVE-2025-6052 was published Jun 13, 2025
A vulnerability has been identified in the libarchive library. This flaw involves an integer... Low Unreviewed
CVE-2025-5916 was published Jun 9, 2025
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown... Low Unreviewed
CVE-2016-9085 was published May 13, 2022
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long... Low Unreviewed
CVE-2025-3360 was published Apr 7, 2025
An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user... Low Unreviewed
CVE-2023-34406 was published Feb 14, 2025
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by... Low Unreviewed
CVE-2024-12546 was published Mar 11, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-20024 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-0587 was published Mar 4, 2025
An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds... Low Unreviewed
CVE-2023-20507 was published Feb 11, 2025
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2... Low Unreviewed
CVE-2024-46669 was published Jan 14, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The... Low Unreviewed
CVE-2024-21105 was published Apr 17, 2024
Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated... Low Unreviewed
CVE-2024-21783 was published Nov 13, 2024
CHECK-fail due to integer overflow Low
CVE-2021-29584 was published for tensorflow (pip) May 21, 2021
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an... Low Unreviewed
CVE-2024-10917 was published Nov 11, 2024
CHECK-fail in AddManySparseToTensorsMap Low
CVE-2021-29523 was published for tensorflow (pip) May 21, 2021
GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many... Low Unreviewed
CVE-2024-50610 was published Oct 28, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer... Low Unreviewed
CVE-2024-28044 was published Sep 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database