GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,527

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

284 advisories

Filter by severity

Sort by

Least recently updated

Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound... Critical Unreviewed

CVE-2022-23884 was published Mar 29, 2022

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in... Critical Unreviewed

CVE-2009-0947 was published Apr 21, 2022

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing... Critical Unreviewed

CVE-2017-2892 was published May 13, 2022

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of... Critical Unreviewed

CVE-2017-2921 was published May 13, 2022

Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP... Critical Unreviewed

CVE-2016-4345 was published May 17, 2022

Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that... Critical Unreviewed

CVE-2017-5340 was published May 14, 2022

An integer overflow during the parsing of XML using the Expat library. This vulnerability affects... Critical Unreviewed

CVE-2016-9063 was published May 14, 2022

PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and... Critical Unreviewed

CVE-2017-9120 was published May 14, 2022

Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows... Critical Unreviewed

CVE-2016-4346 was published May 14, 2022

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in... Critical Unreviewed

CVE-2016-5770 was published May 14, 2022

Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote... Critical Unreviewed

CVE-2016-3078 was published May 17, 2022

Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows... Critical Unreviewed

CVE-2016-4344 was published May 17, 2022

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote... Critical Unreviewed

CVE-2020-28020 was published May 24, 2022

An integer overflow was addressed with improved input validation. This issue is fixed in Security... Critical Unreviewed

CVE-2022-26775 was published May 27, 2022

A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality... Critical Unreviewed

CVE-2021-21795 was published May 24, 2022

An integer overflow issue was addressed with improved input validation. This issue is fixed in... Critical Unreviewed

CVE-2022-26711 was published May 27, 2022

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond... Critical Unreviewed

CVE-2022-28615 was published Jun 10, 2022

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile... Critical Unreviewed

CVE-2022-25651 was published Jun 15, 2022

Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM)... Critical Unreviewed

CVE-2023-0077 was published Jan 5, 2023

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32... Critical Unreviewed

CVE-2022-22721 was published Mar 15, 2022

Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC... Critical Unreviewed

CVE-2016-6999 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed

CVE-2017-9184 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c... Critical Unreviewed

CVE-2017-9198 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c... Critical Unreviewed

CVE-2017-9161 was published May 17, 2022

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw... Critical Unreviewed

CVE-2017-6889 was published May 17, 2022

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

284 advisories