GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
297 advisories
In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to...
Critical | Unreviewed | CVE-2019-2046 was published May 24, 2022
Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in...
Critical | Unreviewed | CVE-2022-22105 was published Sep 17, 2022
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which...
Critical | Unreviewed | CVE-2016-2177 was published May 13, 2022
Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.
Critical | Unreviewed | CVE-2019-16127 was published May 24, 2022
Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number...
Critical | Unreviewed | CVE-2020-11196 was published May 24, 2022
Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size...
Critical | Unreviewed | CVE-2020-11184 was published May 24, 2022
Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm...
Critical | Unreviewed | CVE-2020-16124 was published May 24, 2022
Buffer over-read while processing received L2CAP packet due to lack of integer overflow check...
Critical | Unreviewed | CVE-2020-11169 was published May 24, 2022
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an...
Critical | Unreviewed | CVE-2020-0452 was published May 24, 2022
Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ...
Critical | Unreviewed | CVE-2020-27484 was published May 24, 2022
Integer multiplication overflow resulting in lower buffer size allocation than expected causes...
Critical | Unreviewed | CVE-2020-11137 was published May 24, 2022
Buffer over read can happen in video driver when playing clip with atomsize having value...
Critical | Unreviewed | CVE-2020-11216 was published May 24, 2022
Due to incorrect string size calculations inside the preg_quote function, a large input string...
Critical | Unreviewed | CVE-2021-24025 was published May 24, 2022
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Critical | Unreviewed | CVE-2022-23990 was published Feb 10, 2022
Possible integer overflow can occur when stream info update is called when total number of...
Critical | Unreviewed | CVE-2020-11197 was published May 24, 2022
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends...
Critical | Unreviewed | CVE-2020-11167 was published May 24, 2022
Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2021-20308 was published May 24, 2022
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4...
Critical | Unreviewed | CVE-2021-3402 was published May 24, 2022
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer...
Critical | Unreviewed | CVE-2021-31572 was published May 24, 2022
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for...
Critical | Unreviewed | CVE-2021-31571 was published May 24, 2022
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a...
Critical | Unreviewed | CVE-2017-20005 was published May 24, 2022
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had...
Critical | Unreviewed | CVE-2021-21223 was published May 24, 2022
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio...
Critical | Unreviewed | CVE-2021-31872 was published May 24, 2022
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result...
Critical | Unreviewed | CVE-2021-31870 was published May 24, 2022
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc,...
Critical | Unreviewed | CVE-2021-26461 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.