Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,228 advisories

Loading
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with... High Unreviewed
CVE-2022-0204 was published Mar 11, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42019 was published Mar 9, 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed
CVE-2022-26495 was published Mar 7, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote... High Unreviewed
CVE-2022-25291 was published Mar 5, 2022
A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree... Moderate Unreviewed
CVE-2021-3428 was published Mar 5, 2022
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able... Moderate Unreviewed
CVE-2021-20303 was published Mar 5, 2022
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw... High Unreviewed
CVE-2021-20300 was published Mar 5, 2022
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption High
CVE-2024-22051 was published for commonmarker (RubyGems) Mar 3, 2022
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to... Moderate Unreviewed
CVE-2021-45860 was published Mar 3, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this... High Unreviewed
CVE-2021-22319 was published Feb 26, 2022
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful... High Unreviewed
CVE-2021-22437 was published Feb 26, 2022
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this... Moderate Unreviewed
CVE-2021-22441 was published Feb 26, 2022
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed
CVE-2021-22480 was published Feb 26, 2022
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function... High Unreviewed
CVE-2022-25062 was published Feb 26, 2022
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed
CVE-2022-25330 was published Feb 25, 2022
An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in... Moderate Unreviewed
CVE-2021-3607 was published Feb 25, 2022
An integer overflow in the processing of loaded 2D images leads to a write-what-where... High Unreviewed
CVE-2022-0545 was published Feb 25, 2022
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds... High Unreviewed
CVE-2022-0546 was published Feb 25, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. High Unreviewed
CVE-2022-25314 was published Feb 19, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. Moderate Unreviewed
CVE-2022-25315 was published Feb 19, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2022-24354 was published Feb 19, 2022
Denial of Service in Bytom High
CVE-2018-18206 was published for github.com/bytom/bytom (Go) Feb 15, 2022
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can... High Unreviewed
CVE-2022-23772 was published Feb 12, 2022
Improper validation of data length received from DMA buffer can lead to memory corruption. in... High Unreviewed
CVE-2021-35069 was published Feb 12, 2022
Possible integer overflow due to improper fragment datatype while calculating number of fragments... High Unreviewed
CVE-2021-35074 was published Feb 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database