GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,738
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
109 advisories
Filter by severity
Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an...
High
Unreviewed
CVE-2021-43083
was published
Dec 20, 2021
Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to...
High
Unreviewed
CVE-2021-4066
was published
Dec 24, 2021
The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing...
High
Unreviewed
CVE-2021-24893
was published
Jan 4, 2022
Named Pipe File System Elevation of Privilege Vulnerability.
High
Unreviewed
CVE-2022-22715
was published
Feb 10, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2022-24046
was published
Feb 19, 2022
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of...
High
Unreviewed
CVE-2021-40054
was published
Mar 11, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
High
Unreviewed
CVE-2021-44509
was published
Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can...
High
Unreviewed
CVE-2021-44489
was published
Apr 16, 2022
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows...
High
Unreviewed
CVE-2005-0199
was published
May 1, 2022
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x...
High
Unreviewed
CVE-2007-0063
was published
May 1, 2022
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote...
High
Unreviewed
CVE-2009-3301
was published
May 2, 2022
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to...
High
Unreviewed
CVE-2022-1698
was published
May 13, 2022
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart...
High
Unreviewed
CVE-2018-4011
was published
May 13, 2022
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco...
High
Unreviewed
CVE-2018-15418
was published
May 13, 2022
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in...
High
Unreviewed
CVE-2010-4164
was published
May 13, 2022
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context...
High
Unreviewed
CVE-2017-6313
was published
May 13, 2022
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux...
High
Unreviewed
CVE-2011-2497
was published
May 13, 2022
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel...
High
Unreviewed
CVE-2011-1770
was published
May 13, 2022
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG,...
High
Unreviewed
CVE-2014-9087
was published
May 13, 2022
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing...
High
Unreviewed
CVE-2018-14325
was published
May 13, 2022
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory...
High
Unreviewed
CVE-2017-14997
was published
May 14, 2022
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0...
High
Unreviewed
CVE-2018-16601
was published
May 14, 2022
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0...
High
Unreviewed
CVE-2014-0497
was published
May 14, 2022
Improper input validation in Bluetooth Controller function can lead to possible memory corruption...
High
Unreviewed
CVE-2017-18170
was published
May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High
Unreviewed
CVE-2018-11301
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API