The Vulnerability History Project


These are the known vulnerabilities in our database. Every vulnerability known to the VHP project is reported here, regardless of the state of its curation.

Each vulnerability is given upvotes by our curators. Upvotes are an entirely subjective measure of how interesting each curator finds the story of the vulnerability. Everyone is encouraged to contribute upvotes to vulnerabilities!

Let's Just Undo That

A revert is when a commit is reversed, indicating that developers have decided to roll back changes that were originally approved and integrated into the system.

Beware of complex inputs

Don't just think about code complexity; think about *input* complexity.

Bad things happen when integers wrap around

Loop counters, file sizes, malloc arguments, session tokens, primary keys... numbers are everywhere in our code. What happens when our numbers get very, *very* big? Integer overflow, or wraparound, is much more dangerous than it seems.