Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,922 advisories

Loading
Heap-based Buffer Overflow in vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-0318 was published Jan 22, 2022
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote... Critical Unreviewed
CVE-2021-33912 was published Jan 20, 2022
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to... Critical Unreviewed
CVE-2021-33913 was published Jan 20, 2022
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite,... Critical Unreviewed
CVE-2021-38691 was published Jan 15, 2022
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite,... Critical Unreviewed
CVE-2021-38682 was published Jan 15, 2022
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite,... Critical Unreviewed
CVE-2021-38689 was published Jan 15, 2022
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite,... Critical Unreviewed
CVE-2021-38690 was published Jan 15, 2022
A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite,... Critical Unreviewed
CVE-2021-38692 was published Jan 15, 2022
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP... Critical Unreviewed
CVE-2022-22989 was published Jan 14, 2022
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which... Critical Unreviewed
CVE-2021-32998 was published Jan 11, 2022
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones.... Critical Unreviewed
CVE-2021-39996 was published Jan 11, 2022
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful... Critical Unreviewed
CVE-2021-40010 was published Jan 11, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25024 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25026 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25025 was published for actix-web (Rust) Jan 6, 2022
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior... Critical Unreviewed
CVE-2021-24042 was published Jan 5, 2022
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of... Critical Unreviewed
CVE-2021-39990 was published Jan 4, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and... Critical Unreviewed
CVE-2021-45953 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from... Critical Unreviewed
CVE-2021-45951 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). Critical Unreviewed
CVE-2021-45952 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and... Critical Unreviewed
CVE-2021-45955 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and... Critical Unreviewed
CVE-2021-45954 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). Critical Unreviewed
CVE-2021-45956 was published Jan 2, 2022
Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest... Critical Unreviewed
CVE-2021-45957 was published Jan 2, 2022
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle... Critical Unreviewed
CVE-2021-37566 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database