Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,339
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

297 advisories

Loading
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server Critical
CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
Integer Overflow or Wraparound in Google TensorFlow Critical
CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019
Overflow in libsecp256k1 Critical
CVE-2021-38195 was published for libsecp256k1 (Rust) Aug 25, 2021
Integer overflow in Pillow Critical
CVE-2020-5310 was published for pillow (pip) Nov 3, 2021
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-37095 was published Dec 8, 2021
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-37065 was published Dec 8, 2021
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS... Critical Unreviewed
CVE-2021-26109 was published Dec 9, 2021
Buffer overrun in CGI.escape_html Critical
CVE-2021-41816 was published for cgi (RubyGems) Dec 14, 2021
kir-b
When parsing a file that is submitted to the DPDecoder service as a job, the service will use the... Critical Unreviewed
CVE-2021-40417 was published Dec 23, 2021
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45608 was published Dec 27, 2021
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of... Critical Unreviewed
CVE-2021-39993 was published Jan 11, 2022
In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer... Critical Unreviewed
CVE-2021-30636 was published Jan 25, 2022
An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following... Critical Unreviewed
CVE-2021-26706 was published Jan 25, 2022
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Critical Unreviewed
CVE-2022-23990 was published Feb 10, 2022
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for... Critical Unreviewed
CVE-2022-23852 was published Feb 10, 2022
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22824 was published Feb 10, 2022
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22822 was published Feb 10, 2022
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed
CVE-2022-22823 was published Feb 10, 2022
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer... Critical Unreviewed
CVE-2022-24310 was published Feb 11, 2022
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed
CVE-2022-25330 was published Feb 25, 2022
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed
CVE-2021-22480 was published Feb 26, 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed
CVE-2022-26495 was published Mar 7, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42019 was published Mar 9, 2022
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32... Critical Unreviewed
CVE-2022-22721 was published Mar 15, 2022
Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound... Critical Unreviewed
CVE-2022-23884 was published Mar 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database