GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
297 advisories
An integer overflow vulnerability in the calloc() function of the C runtime library of affected...
Critical, Unreviewed. CVE-2021-22156 was published May 24, 2022

An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function...
Critical, Unreviewed. CVE-2019-17211 was published May 24, 2022

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution...
Critical, Unreviewed. CVE-2021-29644 was published May 24, 2022

Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java...
Critical, Unreviewed. CVE-2020-18684 was published May 24, 2022

A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon...
Critical, Unreviewed. CVE-2021-21832 was published May 24, 2022

There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical, Unreviewed. CVE-2021-22388 was published May 24, 2022

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an...
Critical, Unreviewed. CVE-2021-37600 was published May 24, 2022

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading...
Critical, Unreviewed. CVE-2021-24036 was published May 24, 2022

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary...
Critical, Unreviewed. CVE-2021-35942 was published May 24, 2022

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote...
Critical, Unreviewed. CVE-2020-22875 was published May 24, 2022

Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote...
Critical, Unreviewed. CVE-2020-22874 was published May 24, 2022

Integer overflow vulnerability in payable function of a smart contract implementation for an...
Critical, Unreviewed. CVE-2020-17752 was published May 24, 2022

Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc,...
Critical, Unreviewed. CVE-2021-26461 was published May 24, 2022

A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality...
Critical, Unreviewed. CVE-2021-21795 was published May 24, 2022

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a...
Critical, Unreviewed. CVE-2017-20005 was published May 24, 2022

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4...
Critical, Unreviewed. CVE-2021-3520 was published May 24, 2022

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4...
Critical, Unreviewed. CVE-2021-3402 was published May 24, 2022

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer...
Critical, Unreviewed. CVE-2020-35198 was published May 24, 2022

Memory corruption while processing crafted SDES packets due to improper length check in sdes...
Critical, Unreviewed. CVE-2020-11279 was published May 24, 2022

Multiple integer overflow issues exist while processing long domain names, which may allow an...
Critical, Unreviewed. CVE-2021-22671 was published May 24, 2022

The affected product is vulnerable to an integer overflow while processing HTTP headers, which...
Critical, Unreviewed. CVE-2021-22679 was published May 24, 2022

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e...
Critical, Unreviewed. CVE-2020-28017 was published May 24, 2022

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote...
Critical, Unreviewed. CVE-2020-28020 was published May 24, 2022

An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio...
Critical, Unreviewed. CVE-2021-31872 was published May 24, 2022

An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result...
Critical, Unreviewed. CVE-2021-31870 was published May 24, 2022