GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
297 advisories
Filter by severity
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
Critical
CVE-2017-7657
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
Integer Overflow or Wraparound in Google TensorFlow
Critical
CVE-2018-7575
was published
for
tensorflow
(pip)
Apr 30, 2019
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful...
Critical
Unreviewed
CVE-2021-37095
was published
Dec 8, 2021
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful...
Critical
Unreviewed
CVE-2021-37065
was published
Dec 8, 2021
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS...
Critical
Unreviewed
CVE-2021-26109
was published
Dec 9, 2021
Buffer overrun in CGI.escape_html
Critical
CVE-2021-41816
was published
for
cgi
(RubyGems)
Dec 14, 2021
When parsing a file that is submitted to the DPDecoder service as a job, the service will use the...
Critical
Unreviewed
CVE-2021-40417
was published
Dec 23, 2021
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45608
was published
Dec 27, 2021
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of...
Critical
Unreviewed
CVE-2021-39993
was published
Jan 11, 2022
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer...
Critical
Unreviewed
CVE-2021-30636
was published
Jan 25, 2022
An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following...
Critical
Unreviewed
CVE-2021-26706
was published
Jan 25, 2022
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Critical
Unreviewed
CVE-2022-23990
was published
Feb 10, 2022
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for...
Critical
Unreviewed
CVE-2022-23852
was published
Feb 10, 2022
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical
Unreviewed
CVE-2022-22824
was published
Feb 10, 2022
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical
Unreviewed
CVE-2022-22822
was published
Feb 10, 2022
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical
Unreviewed
CVE-2022-22823
was published
Feb 10, 2022
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer...
Critical
Unreviewed
CVE-2022-24310
was published
Feb 11, 2022
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server...
Critical
Unreviewed
CVE-2022-25330
was published
Feb 25, 2022
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful...
Critical
Unreviewed
CVE-2021-22480
was published
Feb 26, 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer...
Critical
Unreviewed
CVE-2022-26495
was published
Mar 7, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
Critical
Unreviewed
CVE-2021-42019
was published
Mar 9, 2022
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32...
Critical
Unreviewed
CVE-2022-22721
was published
Mar 15, 2022
Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound...
Critical
Unreviewed
CVE-2022-23884
was published
Mar 29, 2022
ProTip!
Advisories are also available from the
GraphQL API