diff --git a/flawfinder b/flawfinder
index e99c2c9..634e5c9 100755
--- a/flawfinder
+++ b/flawfinder
@@ -816,10 +816,16 @@ def c_static_array(hit):
         add_warning(hit)  # Found a static array, warn about it.
 
 
+def cpp_unsafe_stl(hit):
+    # Use one of the overloaded classes from the STL in C++14 and higher
+    # instead of the <C++14 versions of theses functions that did not
+    # if the second iterator could overflow
+    if len(hit.parameters) <= 4:
+        add_warning(hit)
+
 def normal(hit):
     add_warning(hit)
 
-
 # "c_ruleset": the rules for identifying "hits" in C (potential warnings).
 # It's a dictionary, where the key is the function name causing the hit,
 # and the value is a tuple with the following format:
@@ -1309,6 +1315,13 @@ c_ruleset = {
      "Make sure input data is filtered, especially if an attacker could manipulate it",
      "input", "", {'input': 1}),
 
+    # Unsafe STL functions that don't check the second iterator
+    "equal|mismatch|is_permutation":
+    (cpp_unsafe_stl,
+     2, # need further analysis to consider risk level
+     "Function does not check the second iterator for overflow conditions (CWE-119/CWE-120)",
+     "These functions are typically banned by most C++ coding standards in favor of their safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it",
+     "buffer", "", {}),
 
     # TODO: detect C++'s:   cin >> charbuf, where charbuf is a char array; the problem
     #       is that flawfinder doesn't have type information, and ">>" is safe with