GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,847
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,932
npm 4,128
NuGet 735
pip 3,944
Pub 12
RubyGems 945
Rust 1,024
Swift 39

Unreviewed advisories

All unreviewed 269,227

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

315 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible... Critical Unreviewed

CVE-2016-8704 was published May 13, 2022

Multiple integer overflows in process_bin_update function in Memcached, which is responsible for... Critical Unreviewed

CVE-2016-8705 was published May 13, 2022

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c:... Critical Unreviewed

CVE-2018-10191 was published May 7, 2022

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in... Critical Unreviewed

CVE-2021-27417 was published May 4, 2022

NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and... Critical Unreviewed

CVE-2021-22680 was published May 4, 2022

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc.... Critical Unreviewed

CVE-2021-27425 was published May 4, 2022

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc ... Critical Unreviewed

CVE-2021-27431 was published May 4, 2022

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc... Critical Unreviewed

CVE-2021-27427 was published May 4, 2022

NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc... Critical Unreviewed

CVE-2021-27421 was published May 4, 2022

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc... Critical Unreviewed

CVE-2021-27419 was published May 4, 2022

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tos_mmheap_alloc... Critical Unreviewed

CVE-2021-27439 was published May 4, 2022

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function... Critical Unreviewed

CVE-2021-27433 was published May 4, 2022

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function,... Critical Unreviewed

CVE-2021-27435 was published May 4, 2022

Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in... Critical Unreviewed

CVE-2009-0947 was published Apr 21, 2022

Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound... Critical Unreviewed

CVE-2022-23884 was published Mar 29, 2022

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to... Critical Unreviewed

CVE-2022-23943 was published Mar 15, 2022

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32... Critical Unreviewed

CVE-2022-22721 was published Mar 15, 2022

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed

CVE-2021-42019 was published Mar 9, 2022

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer... Critical Unreviewed

CVE-2022-26495 was published Mar 7, 2022

The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful... Critical Unreviewed

CVE-2021-22480 was published Feb 26, 2022

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server... Critical Unreviewed

CVE-2022-25330 was published Feb 25, 2022

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer... Critical Unreviewed

CVE-2022-24310 was published Feb 11, 2022

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22823 was published Feb 10, 2022

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22822 was published Feb 10, 2022

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Critical Unreviewed

CVE-2022-22824 was published Feb 10, 2022

Previous 1…1213 Next

Previous 1 2 … 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

315 advisories