Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

235 advisories

Loading
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP... Critical Unreviewed
CVE-2022-22989 was published Jan 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35004 was published Jan 22, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35003 was published Jan 22, 2022
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel... Critical Unreviewed
CVE-2021-21960 was published Feb 10, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20708 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20701 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20699 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20700 was published Feb 11, 2022
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ... Critical Unreviewed
CVE-2021-43301 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43299 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43300 was published Feb 17, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-24049 was published Feb 19, 2022
A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0)... Critical Unreviewed
CVE-2020-16209 was published May 20, 2022
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are... Critical Unreviewed
CVE-2021-32941 was published May 24, 2022
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for... Critical Unreviewed
CVE-2018-6339 was published May 24, 2022
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender... Critical Unreviewed
CVE-2018-6349 was published May 24, 2022
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided... Critical Unreviewed
CVE-2018-20655 was published May 24, 2022
TurboVNC server code contains stack buffer overflow vulnerability in commit prior to... Critical Unreviewed
CVE-2019-15683 was published May 24, 2022
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way... Critical Unreviewed
CVE-2019-19334 was published May 24, 2022
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way... Critical Unreviewed
CVE-2019-19333 was published May 24, 2022
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary... Critical Unreviewed
CVE-2019-3951 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2020-17407 was published May 24, 2022
The affected product is vulnerable to three stack-based buffer overflows, which may allow an... Critical Unreviewed
CVE-2020-25189 was published May 24, 2022
In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when... Critical Unreviewed
CVE-2020-27221 was published May 24, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201... Critical Unreviewed
CVE-2021-25669 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database