Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

64 advisories

Loading
Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). Critical Unreviewed
CVE-2021-45956 was published Jan 2, 2022
mruby is vulnerable to Heap-based Buffer Overflow Critical Unreviewed
CVE-2022-0080 was published Jan 3, 2022
Heap-based Buffer Overflow in vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-0318 was published Jan 22, 2022
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. Critical Unreviewed
CVE-2022-0570 was published Feb 15, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-0572 was published Feb 15, 2022
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. Critical Unreviewed
CVE-2022-0631 was published Feb 19, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42018 was published Mar 9, 2022
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to 1.0.8. Critical Unreviewed
CVE-2022-1253 was published Apr 7, 2022
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.... Critical Unreviewed
CVE-2022-1286 was published Apr 11, 2022
All versions of GurumDDS are vulnerable to heap-based buffer overflow, which may cause a denial... Critical Unreviewed
CVE-2021-38439 was published May 6, 2022
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via... Critical Unreviewed
CVE-2019-3568 was published May 24, 2022
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies... Critical Unreviewed
CVE-2019-10126 was published May 24, 2022
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Critical Unreviewed
CVE-2019-5482 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An... Critical Unreviewed
CVE-2019-18325 was published May 24, 2022
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This... Critical Unreviewed
CVE-2020-27251 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-15800 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-25226 was published May 24, 2022
xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character... Critical Unreviewed
CVE-2020-1917 was published May 24, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201... Critical Unreviewed
CVE-2021-25668 was published May 24, 2022
Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06 Critical Unreviewed
CVE-2021-32959 was published May 24, 2022
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which... Critical Unreviewed
CVE-2021-33023 was published May 24, 2022
libmysofa is vulnerable to Heap-based Buffer Overflow Critical Unreviewed
CVE-2021-3756 was published May 24, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-2207 was published Jun 28, 2022
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ... Critical Unreviewed
CVE-2022-34819 was published Jul 13, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... Critical Unreviewed
CVE-2022-35712 was published Oct 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database