Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Loading
vim is vulnerable to Heap-based Buffer Overflow Moderate Unreviewed
CVE-2022-0158 was published Jan 11, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-0714 was published Feb 23, 2022
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5... Moderate Unreviewed
CVE-2022-1052 was published Mar 25, 2022
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is... Moderate Unreviewed
CVE-2022-1244 was published Apr 6, 2022
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial... Moderate Unreviewed
CVE-2013-7354 was published May 17, 2022
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5... Moderate Unreviewed
CVE-2013-7353 was published May 17, 2022
** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly... Moderate Unreviewed
CVE-2013-3245 was published May 17, 2022
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),... Moderate Unreviewed
CVE-2020-7586 was published May 24, 2022
There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker... Moderate Unreviewed
CVE-2020-27841 was published May 24, 2022
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is... Moderate Unreviewed
CVE-2020-27845 was published May 24, 2022
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service... Moderate Unreviewed
CVE-2020-27829 was published May 24, 2022
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability... Moderate Unreviewed
CVE-2021-36056 was published May 24, 2022
User controlled parameters related to SMTP notifications are not correctly validated. This can... Moderate Unreviewed
CVE-2021-31986 was published May 24, 2022
A heap-based buffer overflow flaw was found in the Fribidi package and affects the... Moderate Unreviewed
CVE-2022-25309 was published Sep 7, 2022
In wlan driver, there is a possible missing bounds check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-44428 was published Jan 4, 2023
In wlan driver, there is a possible missing bounds check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-44427 was published Jan 4, 2023
In wlan driver, there is a possible missing bounds check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-44430 was published Jan 4, 2023
In wlan driver, there is a possible missing bounds check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-44429 was published Jan 4, 2023
In wlan driver, there is a possible missing params check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-42783 was published Feb 12, 2023
A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability... Moderate Unreviewed
CVE-2023-1010 was published Feb 24, 2023
A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected... Moderate Unreviewed
CVE-2023-1570 was published Mar 22, 2023
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA... Moderate Unreviewed
CVE-2023-20081 was published Mar 23, 2023
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum()... Moderate Unreviewed
CVE-2023-1906 was published Apr 13, 2023
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the... Moderate Unreviewed
CVE-2023-2241 was published Apr 22, 2023
Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a... Moderate Unreviewed
CVE-2023-30763 was published May 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database