Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

218 advisories

Loading
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP... Critical Unreviewed
CVE-2022-22989 was published Jan 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35004 was published Jan 22, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35003 was published Jan 22, 2022
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel... Critical Unreviewed
CVE-2021-21960 was published Feb 10, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20708 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20701 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20699 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20700 was published Feb 11, 2022
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ... Critical Unreviewed
CVE-2021-43301 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43299 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43300 was published Feb 17, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-24049 was published Feb 19, 2022
A malicious attacker could exploit the interface of the Fieldcomm Group HART-IP (release 1.0.0.0)... Critical Unreviewed
CVE-2020-16209 was published May 20, 2022
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are... Critical Unreviewed
CVE-2021-32941 was published May 24, 2022
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided... Critical Unreviewed
CVE-2018-20655 was published May 24, 2022
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for... Critical Unreviewed
CVE-2018-6339 was published May 24, 2022
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender... Critical Unreviewed
CVE-2018-6349 was published May 24, 2022
TurboVNC server code contains stack buffer overflow vulnerability in commit prior to... Critical Unreviewed
CVE-2019-15683 was published May 24, 2022
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way... Critical Unreviewed
CVE-2019-19333 was published May 24, 2022
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way... Critical Unreviewed
CVE-2019-19334 was published May 24, 2022
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary... Critical Unreviewed
CVE-2019-3951 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2020-17407 was published May 24, 2022
The affected product is vulnerable to three stack-based buffer overflows, which may allow an... Critical Unreviewed
CVE-2020-25189 was published May 24, 2022
In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when... Critical Unreviewed
CVE-2020-27221 was published May 24, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201... Critical Unreviewed
CVE-2021-25669 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API