GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories, by ecosystem:
All reviewed: 5,000+
Composer: 4,714
Erlang: 34
GitHub Actions: 28
Go: 2,300
Maven: 5,000+
npm: 3,942
NuGet: 708
pip: 3,711
Pub: 12
RubyGems: 920
Rust: 960
Swift: 38
Unreviewed advisories:
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,233 advisories
CVE-2025-4945 (Low, Unreviewed, published May 19, 2025): A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME...
CVE-2025-30712 (High, Unreviewed, published Apr 15, 2025): Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
CVE-2025-48174 (Moderate, Unreviewed, published May 16, 2025): In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer...
CVE-2025-48175 (Moderate, Unreviewed, published May 16, 2025): In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications...
CVE-2022-39105 (Moderate, Unreviewed, published Oct 15, 2022): In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2025-31221 (High, Unreviewed, published May 13, 2025): An integer overflow was addressed with improved input validation. This issue is fixed in watchOS...
CVE-2025-30325 (High, Unreviewed, published May 13, 2025): Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Overflow or...
CVE-2025-43547 (High, Unreviewed, published May 13, 2025): Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound...
CVE-2025-43556 (High, Unreviewed, published May 13, 2025): Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound...
CVE-2022-49885 (Moderate, Unreviewed, published May 1, 2025): In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer...
CVE-2024-23531 (High, Unreviewed, published Apr 19, 2024): An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3...
CVE-2025-22059 (Moderate, Unreviewed, published Apr 16, 2025): In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple...
CVE-2025-22080 (Moderate, Unreviewed, published Apr 16, 2025): In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer...
CVE-2025-22081 (Moderate, Unreviewed, published Apr 16, 2025): In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple...
CVE-2024-45575 (High, Unreviewed, published May 6, 2025): Memory corruption Camera kernel when large number of devices are attached through userspace.
CVE-2025-47268 (Moderate, Unreviewed, published May 5, 2025): ping in iputils through 20240905 allows a denial of service (application error or incorrect data...
CVE-2022-25314 (High, Unreviewed, published Feb 19, 2022): In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2022-23990 (Critical, Unreviewed, published Feb 10, 2022): Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2022-23852 (Critical, Unreviewed, published Feb 10, 2022): Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for...
CVE-2021-46143 (High, Unreviewed, published Feb 10, 2022): In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for...
CVE-2022-25315 (Moderate, Unreviewed, published Feb 19, 2022): In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2022-44638 (High, Unreviewed, published Nov 3, 2022): In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer...
CVE-2022-23943 (Critical, Unreviewed, published Mar 15, 2022): Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to...
CVE-2022-28615 (Critical, Unreviewed, published Jun 10, 2022): Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond...
CVE-2025-2082 (High, Unreviewed, published Apr 30, 2025): Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability...