GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
304 advisories
Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to...
Critical | Unreviewed | CVE-2010-4202 was published May 13, 2022
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44,...
Critical | Unreviewed | CVE-2010-4203 was published May 13, 2022
The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage...
Critical | Unreviewed | CVE-2010-3729 was published May 13, 2022
Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm...
Critical | Unreviewed | CVE-2016-5344 was published May 13, 2022
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on...
Critical | Unreviewed | CVE-2018-5095 was published May 13, 2022
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in...
Critical | Unreviewed | CVE-2018-7225 was published May 13, 2022
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows...
Critical | Unreviewed | CVE-2017-14062 was published May 13, 2022
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
Critical | Unreviewed | CVE-2018-1084 was published May 13, 2022
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which...
Critical | Unreviewed | CVE-2018-17963 was published May 13, 2022
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis...
Critical | Unreviewed | CVE-2018-11219 was published May 13, 2022
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which...
Critical | Unreviewed | CVE-2016-2177 was published May 13, 2022
(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow...
Critical | Unreviewed | CVE-2016-9558 was published May 13, 2022
An integer overflow vulnerability exists in the X509 certificate parsing functionality of...
Critical | Unreviewed | CVE-2017-2782 was published May 13, 2022
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing...
Critical | Unreviewed | CVE-2017-2892 was published May 13, 2022
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of...
Critical | Unreviewed | CVE-2017-2921 was published May 13, 2022
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible...
Critical | Unreviewed | CVE-2016-8704 was published May 13, 2022
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for...
Critical | Unreviewed | CVE-2016-8705 was published May 13, 2022
In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c:...
Critical | Unreviewed | CVE-2018-10191 was published May 7, 2022
eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in...
Critical | Unreviewed | CVE-2021-27417 was published May 4, 2022
NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and...
Critical | Unreviewed | CVE-2021-22680 was published May 4, 2022
ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around in osRtxMemoryAlloc ...
Critical | Unreviewed | CVE-2021-27431 was published May 4, 2022
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc...
Critical | Unreviewed | CVE-2021-27427 was published May 4, 2022
NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc...
Critical | Unreviewed | CVE-2021-27421 was published May 4, 2022
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc...
Critical | Unreviewed | CVE-2021-27419 was published May 4, 2022
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc....
Critical | Unreviewed | CVE-2021-27425 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API.