GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,458

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

284 advisories

Filter by severity

Sort by

Least recently updated

There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed

CVE-2021-37095 was published Dec 8, 2021

There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful... Critical Unreviewed

CVE-2021-37065 was published Dec 8, 2021

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS... Critical Unreviewed

CVE-2021-26109 was published Dec 9, 2021

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the... Critical Unreviewed

CVE-2021-40417 was published Dec 23, 2021

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-45608 was published Dec 27, 2021

There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of... Critical Unreviewed

CVE-2021-39993 was published Jan 11, 2022

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer... Critical Unreviewed

CVE-2021-30636 was published Jan 25, 2022

An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following... Critical Unreviewed

CVE-2021-26706 was published Jan 25, 2022

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Critical Unreviewed

CVE-2022-23990 was published Feb 10, 2022

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for... Critical Unreviewed

CVE-2022-23852 was published Feb 10, 2022

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22824 was published Feb 10, 2022

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22822 was published Feb 10, 2022

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22823 was published Feb 10, 2022

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer... Critical Unreviewed

CVE-2022-24310 was published Feb 11, 2022

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed

CVE-2022-25330 was published Feb 25, 2022

The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed

CVE-2021-22480 was published Feb 26, 2022

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed

CVE-2022-26495 was published Mar 7, 2022

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed

CVE-2021-42019 was published Mar 9, 2022

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32... Critical Unreviewed

CVE-2022-22721 was published Mar 15, 2022

Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound... Critical Unreviewed

CVE-2022-23884 was published Mar 29, 2022

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in... Critical Unreviewed

CVE-2009-0947 was published Apr 21, 2022

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function... Critical Unreviewed

CVE-2021-27433 was published May 4, 2022

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc... Critical Unreviewed

CVE-2021-27439 was published May 4, 2022

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function,... Critical Unreviewed

CVE-2021-27435 was published May 4, 2022

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc... Critical Unreviewed

CVE-2021-27427 was published May 4, 2022

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

284 advisories