Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

286 advisories

Loading
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. Critical Unreviewed
CVE-2022-47629 was published Dec 21, 2022
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in... Critical Unreviewed
CVE-2022-25748 was published Oct 19, 2022
A write-what-where condition in hermes caused by an integer overflow, prior to commit... Critical Unreviewed
CVE-2022-35289 was published Oct 11, 2022
An internal reference count is held on the buffer pool, incremented every time a new buffer is... Critical Unreviewed
CVE-2021-3782 was published Sep 25, 2022
An integer overflow in WhatsApp could result in remote code execution in an established video call. Critical Unreviewed
CVE-2022-36934 was published Sep 23, 2022
Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in... Critical Unreviewed
CVE-2022-22105 was published Sep 17, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote... Critical Unreviewed
CVE-2022-31789 was published Sep 7, 2022
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause... Critical Unreviewed
CVE-2022-33719 was published Aug 6, 2022
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function... Critical Unreviewed
CVE-2022-32073 was published Jul 14, 2022
Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile... Critical Unreviewed
CVE-2022-25651 was published Jun 15, 2022
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond... Critical Unreviewed
CVE-2022-28615 was published Jun 10, 2022
An integer overflow issue was addressed with improved input validation. This issue is fixed in... Critical Unreviewed
CVE-2022-26711 was published May 27, 2022
An integer overflow was addressed with improved input validation. This issue is fixed in Security... Critical Unreviewed
CVE-2022-26775 was published May 27, 2022
An integer overflow vulnerability in the calloc() function of the C runtime library of affected... Critical Unreviewed
CVE-2021-22156 was published May 24, 2022
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function... Critical Unreviewed
CVE-2019-17211 was published May 24, 2022
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution... Critical Unreviewed
CVE-2021-29644 was published May 24, 2022
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java... Critical Unreviewed
CVE-2020-18684 was published May 24, 2022
A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon... Critical Unreviewed
CVE-2021-21832 was published May 24, 2022
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-22388 was published May 24, 2022
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an... Critical Unreviewed
CVE-2021-37600 was published May 24, 2022
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading... Critical Unreviewed
CVE-2021-24036 was published May 24, 2022
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary... Critical Unreviewed
CVE-2021-35942 was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote... Critical Unreviewed
CVE-2020-22875 was published May 24, 2022
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote... Critical Unreviewed
CVE-2020-22874 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API