Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

292 advisories

Loading
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed
CVE-2022-26495 was published Mar 7, 2022
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed
CVE-2021-22480 was published Feb 26, 2022
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed
CVE-2022-25330 was published Feb 25, 2022
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer... Critical Unreviewed
CVE-2022-24310 was published Feb 11, 2022
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22823 was published Feb 10, 2022
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22822 was published Feb 10, 2022
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22824 was published Feb 10, 2022
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for... Critical Unreviewed
CVE-2022-23852 was published Feb 10, 2022
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Critical Unreviewed
CVE-2022-23990 was published Feb 10, 2022
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer... Critical Unreviewed
CVE-2021-30636 was published Jan 25, 2022
An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following... Critical Unreviewed
CVE-2021-26706 was published Jan 25, 2022
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of... Critical Unreviewed
CVE-2021-39993 was published Jan 11, 2022
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45608 was published Dec 27, 2021
When parsing a file that is submitted to the DPDecoder service as a job, the service will use the... Critical Unreviewed
CVE-2021-40417 was published Dec 23, 2021
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS... Critical Unreviewed
CVE-2021-26109 was published Dec 9, 2021
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-37065 was published Dec 8, 2021
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-37095 was published Dec 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database