GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
88 advisories
There is an incorrect buffer size calculation vulnerability in the video framework. Successful...
High | Unreviewed | CVE-2021-40052 was published Mar 11, 2022

There is an incorrect buffer size calculation vulnerability in the video framework. Successful...
High | Unreviewed | CVE-2021-40048 was published Mar 11, 2022

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
High | Unreviewed | CVE-2021-44510 was published Apr 16, 2022

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to...
High | Unreviewed | CVE-2003-0899 was published Apr 29, 2022

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a ...
Moderate | Unreviewed | CVE-2004-0747 was published Apr 29, 2022

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local...
Moderate | Unreviewed | CVE-2004-0940 was published Apr 29, 2022

Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via...
High | Unreviewed | CVE-2004-1363 was published Apr 29, 2022

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by...
High | Unreviewed | CVE-2001-0249 was published Apr 30, 2022

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by...
High | Unreviewed | CVE-2001-0248 was published Apr 30, 2022

FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a...
Moderate | Unreviewed | CVE-2001-0334 was published Apr 30, 2022

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow...
High | Unreviewed | CVE-2002-0184 was published Apr 30, 2022

Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause...
High | Unreviewed | CVE-2002-1347 was published Apr 30, 2022

Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions,...
Moderate | Unreviewed | CVE-2005-0490 was published May 1, 2022

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a...
High | Unreviewed | CVE-2005-2103 was published May 1, 2022

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly...
High | Unreviewed | CVE-2008-0599 was published May 1, 2022

A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft...
Moderate | Unreviewed | CVE-2022-22137 was published May 4, 2022

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly...
Critical | Unreviewed | CVE-2021-38435 was published May 6, 2022

All versions of GurumDDS improperly calculate the size to be used when allocating the buffer,...
Critical | Unreviewed | CVE-2021-38423 was published May 6, 2022

An exploitable arbitrary write vulnerability exists in the open document format parser of the...
High | Unreviewed | CVE-2018-4038 was published May 13, 2022

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a...
High | Unreviewed | CVE-2014-3468 was published May 13, 2022

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are...
High | Unreviewed | CVE-2017-0166 was published May 13, 2022

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local...
High | Unreviewed | CVE-2017-0569 was published May 13, 2022

In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a...
High | Unreviewed | CVE-2017-13289 was published May 13, 2022

process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate | Unreviewed | CVE-2017-14934 was published May 13, 2022

An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an...
Moderate | Unreviewed | CVE-2019-3560 was published May 24, 2022