GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
286 advisories
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
Critical | Unreviewed | CVE-2022-47629 was published Dec 21, 2022
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in...
Critical | Unreviewed | CVE-2022-25748 was published Oct 19, 2022
A write-what-where condition in hermes caused by an integer overflow, prior to commit...
Critical | Unreviewed | CVE-2022-35289 was published Oct 11, 2022
An internal reference count is held on the buffer pool, incremented every time a new buffer is...
Critical | Unreviewed | CVE-2021-3782 was published Sep 25, 2022
An integer overflow in WhatsApp could result in remote code execution in an established video call.
Critical | Unreviewed | CVE-2022-36934 was published Sep 23, 2022
Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in...
Critical | Unreviewed | CVE-2022-22105 was published Sep 17, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote...
Critical | Unreviewed | CVE-2022-31789 was published Sep 7, 2022
lz4-sys vulnerable to memory corruption via issue in liblz4
Critical | GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause...
Critical | Unreviewed | CVE-2022-33719 was published Aug 6, 2022
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function...
Critical | Unreviewed | CVE-2022-32073 was published Jul 14, 2022
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile...
Critical | Unreviewed | CVE-2022-25651 was published Jun 15, 2022
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond...
Critical | Unreviewed | CVE-2022-28615 was published Jun 10, 2022
An integer overflow issue was addressed with improved input validation. This issue is fixed in...
Critical | Unreviewed | CVE-2022-26711 was published May 27, 2022
An integer overflow was addressed with improved input validation. This issue is fixed in Security...
Critical | Unreviewed | CVE-2022-26775 was published May 27, 2022
An integer overflow vulnerability in the calloc() function of the C runtime library of affected...
Critical | Unreviewed | CVE-2021-22156 was published May 24, 2022
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function...
Critical | Unreviewed | CVE-2019-17211 was published May 24, 2022
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution...
Critical | Unreviewed | CVE-2021-29644 was published May 24, 2022
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java...
Critical | Unreviewed | CVE-2020-18684 was published May 24, 2022
A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon...
Critical | Unreviewed | CVE-2021-21832 was published May 24, 2022
There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22388 was published May 24, 2022
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an...
Critical | Unreviewed | CVE-2021-37600 was published May 24, 2022
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading...
Critical | Unreviewed | CVE-2021-24036 was published May 24, 2022
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary...
Critical | Unreviewed | CVE-2021-35942 was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote...
Critical | Unreviewed | CVE-2020-22875 was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote...
Critical | Unreviewed | CVE-2020-22874 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API