GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
            315 advisories
Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound...
Critical | Unreviewed | CVE-2022-23884 was published Mar 29, 2022

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in...
Critical | Unreviewed | CVE-2009-0947 was published Apr 21, 2022

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc...
Critical | Unreviewed | CVE-2021-27439 was published May 4, 2022

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function...
Critical | Unreviewed | CVE-2021-27433 was published May 4, 2022

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function,...
Critical | Unreviewed | CVE-2021-27435 was published May 4, 2022

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc...
Critical | Unreviewed | CVE-2021-27419 was published May 4, 2022

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc....
Critical | Unreviewed | CVE-2021-27425 was published May 4, 2022

NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc...
Critical | Unreviewed | CVE-2021-27421 was published May 4, 2022

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc...
Critical | Unreviewed | CVE-2021-27427 was published May 4, 2022

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around in osRtxMemoryAlloc ...
Critical | Unreviewed | CVE-2021-27431 was published May 4, 2022

NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and...
Critical | Unreviewed | CVE-2021-22680 was published May 4, 2022

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in...
Critical | Unreviewed | CVE-2021-27417 was published May 4, 2022

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c:...
Critical | Unreviewed | CVE-2018-10191 was published May 7, 2022

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for...
Critical | Unreviewed | CVE-2016-8705 was published May 13, 2022

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible...
Critical | Unreviewed | CVE-2016-8704 was published May 13, 2022

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of...
Critical | Unreviewed | CVE-2017-2921 was published May 13, 2022

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing...
Critical | Unreviewed | CVE-2017-2892 was published May 13, 2022

An integer overflow vulnerability exists in the X509 certificate parsing functionality of...
Critical | Unreviewed | CVE-2017-2782 was published May 13, 2022

(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow...
Critical | Unreviewed | CVE-2016-9558 was published May 13, 2022

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which...
Critical | Unreviewed | CVE-2016-2177 was published May 13, 2022

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis...
Critical | Unreviewed | CVE-2018-11219 was published May 13, 2022

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which...
Critical | Unreviewed | CVE-2018-17963 was published May 13, 2022

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
Critical | Unreviewed | CVE-2018-1084 was published May 13, 2022

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows...
Critical | Unreviewed | CVE-2017-14062 was published May 13, 2022

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in...
Critical | Unreviewed | CVE-2018-7225 was published May 13, 2022

        
ProTip! Advisories are also available from the GraphQL API