GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
305 advisories
An internal reference count is held on the buffer pool, incremented every time a new buffer is...
CVE-2021-3782 (Critical, Unreviewed) was published Sep 25, 2022
An integer overflow in WhatsApp could result in remote code execution in an established video call.
CVE-2022-36934 (Critical, Unreviewed) was published Sep 23, 2022
Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in...
CVE-2022-22105 (Critical, Unreviewed) was published Sep 17, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote...
CVE-2022-31789 (Critical, Unreviewed) was published Sep 7, 2022
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause...
CVE-2022-33719 (Critical, Unreviewed) was published Aug 6, 2022
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function...
CVE-2022-32073 (Critical, Unreviewed) was published Jul 14, 2022
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile...
CVE-2022-25651 (Critical, Unreviewed) was published Jun 15, 2022
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond...
CVE-2022-28615 (Critical, Unreviewed) was published Jun 10, 2022
An integer overflow issue was addressed with improved input validation. This issue is fixed in...
CVE-2022-26711 (Critical, Unreviewed) was published May 27, 2022
An integer overflow was addressed with improved input validation. This issue is fixed in Security...
CVE-2022-26775 (Critical, Unreviewed) was published May 27, 2022
An integer overflow vulnerability in the calloc() function of the C runtime library of affected...
CVE-2021-22156 (Critical, Unreviewed) was published May 24, 2022
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function...
CVE-2019-17211 (Critical, Unreviewed) was published May 24, 2022
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution...
CVE-2021-29644 (Critical, Unreviewed) was published May 24, 2022
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java...
CVE-2020-18684 (Critical, Unreviewed) was published May 24, 2022
A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon...
CVE-2021-21832 (Critical, Unreviewed) was published May 24, 2022
There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of this...
CVE-2021-22388 (Critical, Unreviewed) was published May 24, 2022
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an...
CVE-2021-37600 (Critical, Unreviewed) was published May 24, 2022
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading...
CVE-2021-24036 (Critical, Unreviewed) was published May 24, 2022
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary...
CVE-2021-35942 (Critical, Unreviewed) was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote...
CVE-2020-22874 (Critical, Unreviewed) was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote...
CVE-2020-22875 (Critical, Unreviewed) was published May 24, 2022
Integer overflow vulnerability in payable function of a smart contract implementation for an...
CVE-2020-17752 (Critical, Unreviewed) was published May 24, 2022
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc,...
CVE-2021-26461 (Critical, Unreviewed) was published May 24, 2022
A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality...
CVE-2021-21795 (Critical, Unreviewed) was published May 24, 2022
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a...
CVE-2017-20005 (Critical, Unreviewed) was published May 24, 2022