GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293 advisories
A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer...
Critical | Unreviewed | CVE-2022-24310 was published Feb 11, 2022

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical | Unreviewed | CVE-2022-22823 was published Feb 10, 2022

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical | Unreviewed | CVE-2022-22824 was published Feb 10, 2022

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Critical | Unreviewed | CVE-2022-22822 was published Feb 10, 2022

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for...
Critical | Unreviewed | CVE-2022-23852 was published Feb 10, 2022

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Critical | Unreviewed | CVE-2022-23990 was published Feb 10, 2022

In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer...
Critical | Unreviewed | CVE-2021-30636 was published Jan 25, 2022

An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following...
Critical | Unreviewed | CVE-2021-26706 was published Jan 25, 2022

There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of...
Critical | Unreviewed | CVE-2021-39993 was published Jan 11, 2022

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This...
Critical | Unreviewed | CVE-2021-45608 was published Dec 27, 2021

When parsing a file that is submitted to the DPDecoder service as a job, the service will use the...
Critical | Unreviewed | CVE-2021-40417 was published Dec 23, 2021

Buffer overrun in CGI.escape_html
Critical | CVE-2021-41816 was published for cgi (RubyGems) Dec 14, 2021

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS...
Critical | Unreviewed | CVE-2021-26109 was published Dec 9, 2021

There is an Integer Overflow or Wraparound vulnerability in Huawei Smartphone. Successful...
Critical | Unreviewed | CVE-2021-37065 was published Dec 8, 2021

There is an Integer Overflow or Wraparound vulnerability in Huawei Smartphone. Successful...
Critical | Unreviewed | CVE-2021-37095 was published Dec 8, 2021

Integer Overflow or Wraparound in Google TensorFlow
Critical | CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019

Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
Critical | CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018