GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,505

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

296 advisories

Filter by severity

Sort by

Least recently updated

The affected product is vulnerable to an integer overflow while processing HTTP headers, which... Critical Unreviewed

CVE-2021-22679 was published May 24, 2022

Multiple integer overflow issues exist while processing long domain names, which may allow an... Critical Unreviewed

CVE-2021-22671 was published May 24, 2022

Memory corruption while processing crafted SDES packets due to improper length check in sdes... Critical Unreviewed

CVE-2020-11279 was published May 24, 2022

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP... Critical Unreviewed

CVE-2021-21783 was published May 24, 2022

In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8... Critical Unreviewed

CVE-2021-25216 was published May 24, 2022

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer... Critical Unreviewed

CVE-2020-35198 was published May 24, 2022

Integer overflow vulnerability in payable function of a smart contract implementation for an... Critical Unreviewed

CVE-2020-17752 was published May 24, 2022

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote... Critical Unreviewed

CVE-2020-22875 was published May 24, 2022

Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote... Critical Unreviewed

CVE-2020-22874 was published May 24, 2022

There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-22388 was published May 24, 2022

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading... Critical Unreviewed

CVE-2021-24036 was published May 24, 2022

Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java... Critical Unreviewed

CVE-2020-18684 was published May 24, 2022

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution... Critical Unreviewed

CVE-2021-29644 was published May 24, 2022

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect... Critical Unreviewed

CVE-2021-28879 was published May 24, 2022

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary... Critical Unreviewed

CVE-2021-35942 was published May 24, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182... Critical Unreviewed

CVE-2016-1010 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182... Critical Unreviewed

CVE-2016-0993 was published May 17, 2022

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182... Critical Unreviewed

CVE-2016-0963 was published May 17, 2022

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote... Critical Unreviewed

CVE-2022-31789 was published Sep 7, 2022

Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162... Critical Unreviewed

CVE-2016-4287 was published May 14, 2022

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. Critical Unreviewed

CVE-2018-1084 was published May 13, 2022

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function,... Critical Unreviewed

CVE-2021-27435 was published May 4, 2022

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in... Critical Unreviewed

CVE-2021-27417 was published May 4, 2022

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function... Critical Unreviewed

CVE-2021-27433 was published May 4, 2022

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc... Critical Unreviewed

CVE-2021-27439 was published May 4, 2022

Previous 1 2 3 4 5 6 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

296 advisories