Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,130 advisories

Loading
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32... Critical Unreviewed
CVE-2022-22721 was published Mar 15, 2022
Integer Overflow or Wraparound in Microweber High
CVE-2022-0913 was published for microweber/microweber (Composer) Mar 12, 2022
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with... High Unreviewed
CVE-2022-0204 was published Mar 11, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42019 was published Mar 9, 2022
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed
CVE-2022-26495 was published Mar 7, 2022
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote... High Unreviewed
CVE-2022-25291 was published Mar 5, 2022
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw... High Unreviewed
CVE-2021-20300 was published Mar 5, 2022
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able... Moderate Unreviewed
CVE-2021-20303 was published Mar 5, 2022
A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree... Moderate Unreviewed
CVE-2021-3428 was published Mar 5, 2022
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption High
CVE-2024-22051 was published for commonmarker (RubyGems) Mar 3, 2022
An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to... Moderate Unreviewed
CVE-2021-45860 was published Mar 3, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this... High Unreviewed
CVE-2021-22319 was published Feb 26, 2022
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this... Moderate Unreviewed
CVE-2021-22441 was published Feb 26, 2022
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful... High Unreviewed
CVE-2021-22437 was published Feb 26, 2022
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed
CVE-2021-22480 was published Feb 26, 2022
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function... High Unreviewed
CVE-2022-25062 was published Feb 26, 2022
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed
CVE-2022-25330 was published Feb 25, 2022
An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in... Moderate Unreviewed
CVE-2021-3607 was published Feb 25, 2022
An integer overflow in the processing of loaded 2D images leads to a write-what-where... High Unreviewed
CVE-2022-0545 was published Feb 25, 2022
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds... High Unreviewed
CVE-2022-0546 was published Feb 25, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. High Unreviewed
CVE-2022-25314 was published Feb 19, 2022
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. Moderate Unreviewed
CVE-2022-25315 was published Feb 19, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2022-24354 was published Feb 19, 2022
Denial of Service in Bytom High
CVE-2018-18206 was published for github.com/bytom/bytom (Go) Feb 15, 2022
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can... High Unreviewed
CVE-2022-23772 was published Feb 12, 2022
ProTip! Advisories are also available from the GraphQL API