GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,321 advisories
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based...
Critical
Unreviewed
CVE-2025-23016 was published Jan 10, 2025
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2025-2760 was published Apr 23, 2025
In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are...
High
Unreviewed
CVE-2022-20483 was published Dec 13, 2022
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship...
High
Unreviewed
CVE-2017-17863 was published May 14, 2022
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc...
High
Unreviewed
CVE-2017-17122 was published May 14, 2022
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows...
High
Unreviewed
CVE-2017-16612 was published May 14, 2022
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU...
High
Unreviewed
CVE-2017-16831 was published May 14, 2022
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka...
High
Unreviewed
CVE-2017-16832 was published May 14, 2022
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer...
High
Unreviewed
CVE-2017-16830 was published May 14, 2022
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to...
High
Unreviewed
CVE-2017-16828 was published May 14, 2022
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block...
High
Unreviewed
CVE-2017-17426 was published May 17, 2022
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to...
High
Unreviewed
CVE-2017-1000229 was published May 14, 2022
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the...
Critical
Unreviewed
CVE-2017-1000158 was published May 13, 2022
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an...
Moderate
Unreviewed
CVE-2017-15873 was published May 13, 2022
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5...
High
Unreviewed
CVE-2017-2888 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading...
High
Unreviewed
CVE-2017-8278 was published May 13, 2022
Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via...
High
Unreviewed
CVE-2015-1527 was published May 17, 2022
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick...
High
Unreviewed
CVE-2017-14167 was published May 13, 2022
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might...
Moderate
Unreviewed
CVE-2017-14173 was published May 13, 2022
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx...
Moderate
Unreviewed
CVE-2017-14051 was published May 14, 2022
Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5...
Moderate
Unreviewed
CVE-2017-12797 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition...
High
Unreviewed
CVE-2017-8267 was published May 17, 2022
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote...
High
Unreviewed
CVE-2017-9835 was published May 13, 2022
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3...
Moderate
Unreviewed
CVE-2017-7542 was published May 13, 2022
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used...
High
Unreviewed
CVE-2017-9765 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.