GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236 advisories
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP...
Critical | Unreviewed | CVE-2022-22989 was published Jan 14, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2021-35004 was published Jan 22, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2021-35003 was published Jan 22, 2022

A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel...
Critical | Unreviewed | CVE-2021-21960 was published Feb 10, 2022

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical | Unreviewed | CVE-2022-20708 was published Feb 11, 2022

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical | Unreviewed | CVE-2022-20699 was published Feb 11, 2022

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical | Unreviewed | CVE-2022-20701 was published Feb 11, 2022

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical | Unreviewed | CVE-2022-20700 was published Feb 11, 2022

Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ...
Critical | Unreviewed | CVE-2021-43301 was published Feb 17, 2022

Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename'...
Critical | Unreviewed | CVE-2021-43299 was published Feb 17, 2022

Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename'...
Critical | Unreviewed | CVE-2021-43300 was published Feb 17, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2022-24049 was published Feb 19, 2022

A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0)...
Critical | Unreviewed | CVE-2020-16209 was published May 20, 2022

Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are...
Critical | Unreviewed | CVE-2021-32941 was published May 24, 2022

When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided...
Critical | Unreviewed | CVE-2018-20655 was published May 24, 2022

When receiving calls using WhatsApp for Android, a missing size check when parsing a sender...
Critical | Unreviewed | CVE-2018-6349 was published May 24, 2022

When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for...
Critical | Unreviewed | CVE-2018-6339 was published May 24, 2022

TurboVNC server code contains stack buffer overflow vulnerability in commit prior to...
Critical | Unreviewed | CVE-2019-15683 was published May 24, 2022

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way...
Critical | Unreviewed | CVE-2019-19334 was published May 24, 2022

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way...
Critical | Unreviewed | CVE-2019-19333 was published May 24, 2022

Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2019-3951 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical | Unreviewed | CVE-2020-17407 was published May 24, 2022

The affected product is vulnerable to three stack-based buffer overflows, which may allow an...
Critical | Unreviewed | CVE-2020-25189 was published May 24, 2022

In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when...
Critical | Unreviewed | CVE-2020-27221 was published May 24, 2022

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201...
Critical | Unreviewed | CVE-2021-25669 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.