GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
483 advisories
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects...
Critical | Unreviewed | CVE-2021-46848 was published Oct 24, 2022

Information disclosure in WLAN due to improper length check while processing authentication...
Critical | Unreviewed | CVE-2022-25719 was published Oct 19, 2022

The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification...
Critical | Unreviewed | CVE-2021-46840 was published Oct 14, 2022

The HW_KEYMASTER module has a vulnerability of missing bounds check on length. Successful...
Critical | Unreviewed | CVE-2021-46839 was published Oct 14, 2022

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation...
Critical | Unreviewed | CVE-2022-37032 was published Sep 20, 2022

Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-40019 was published Sep 17, 2022

The path in this case is a little bit convoluted. The end result is that via an ioctl an...
Critical | Unreviewed | CVE-2021-0942 was published Sep 14, 2022

An out-of-bounds read can occur while parsing a server certificate due to improper length check...
Critical | Unreviewed | CVE-2022-22062 was published Sep 3, 2022

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for...
Critical | Unreviewed | CVE-2019-15167 was published Aug 28, 2022

An attacker who submits a crafted tar file with size in header struct being 0 may be able to...
Critical | Unreviewed | CVE-2021-33643 was published Aug 11, 2022

Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote...
Critical | Unreviewed | CVE-2022-2010 was published Jul 29, 2022

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the...
Critical | Unreviewed | CVE-2021-41556 was published Jul 29, 2022

Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi...
Critical | Unreviewed | CVE-2022-33319 was published Jul 21, 2022

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical | Unreviewed | CVE-2022-34029 was published Jul 19, 2022

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations,...
Critical | Unreviewed | CVE-2022-35409 was published Jul 16, 2022

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key...
Critical | Unreviewed | CVE-2021-35083 was published Jun 15, 2022

Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Critical | Unreviewed | CVE-2022-1927 was published May 30, 2022

Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
Critical | Unreviewed | CVE-2022-1899 was published May 27, 2022

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical | Unreviewed | CVE-2021-31884 was published May 24, 2022

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55....
Critical | Unreviewed | CVE-2020-12403 was published May 24, 2022

njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt...
Critical | Unreviewed | CVE-2019-12207 was published May 24, 2022

There is an Out-of-bounds Read vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-37016 was published May 24, 2022

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of...
Critical | Unreviewed | CVE-2021-42374 was published May 24, 2022

An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause...
Critical | Unreviewed | CVE-2020-12141 was published May 24, 2022

libmobi is vulnerable to Out-of-bounds Read
Critical | Unreviewed | CVE-2021-3881 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.