Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

485 advisories

Loading
An attacker who submits a crafted tar file with size in header struct being 0 may be able to... Critical Unreviewed
CVE-2021-33643 was published Aug 11, 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote... Critical Unreviewed
CVE-2022-2010 was published Jul 29, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the... Critical Unreviewed
CVE-2021-41556 was published Jul 29, 2022
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi... Critical Unreviewed
CVE-2022-33319 was published Jul 21, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Critical Unreviewed
CVE-2022-34029 was published Jul 19, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations,... Critical Unreviewed
CVE-2022-35409 was published Jul 16, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key... Critical Unreviewed
CVE-2021-35083 was published Jun 15, 2022
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-1927 was published May 30, 2022
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. Critical Unreviewed
CVE-2022-1899 was published May 27, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31884 was published May 24, 2022
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55.... Critical Unreviewed
CVE-2020-12403 was published May 24, 2022
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt... Critical Unreviewed
CVE-2019-12207 was published May 24, 2022
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37016 was published May 24, 2022
Asterix Heap-based Buffer Overflow Critical
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of... Critical Unreviewed
CVE-2021-42374 was published May 24, 2022
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause... Critical Unreviewed
CVE-2020-12141 was published May 24, 2022
libmobi is vulnerable to Out-of-bounds Read Critical Unreviewed
CVE-2021-3881 was published May 24, 2022
An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap... Critical Unreviewed
CVE-2020-19751 was published May 24, 2022
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows... Critical Unreviewed
CVE-2021-38564 was published May 24, 2022
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric... Critical Unreviewed
CVE-2021-36159 was published May 24, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed
CVE-2021-22354 was published May 24, 2022
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read,... Critical Unreviewed
CVE-2021-32990 was published May 24, 2022
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to... Critical Unreviewed
CVE-2021-0516 was published May 24, 2022
An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of... Critical Unreviewed
CVE-2021-21777 was published May 24, 2022
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An... Critical Unreviewed
CVE-2021-20093 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database