GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
534 advisories
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer...
Critical | Unreviewed | CVE-2017-9053 was published May 13, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x),...
Critical | Unreviewed | CVE-2018-11058 was published May 13, 2022
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1...
Critical | Unreviewed | CVE-2017-2801 was published May 13, 2022
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain...
Critical | Unreviewed | CVE-2021-34085 was published May 12, 2022
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an...
Critical | Unreviewed | CVE-2022-20472 was published Dec 13, 2022
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an...
Critical | Unreviewed | CVE-2022-20473 was published Dec 13, 2022
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp...
Critical | Unreviewed | CVE-2022-45315 was published Dec 5, 2022
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the...
Critical | Unreviewed | CVE-2022-45313 was published Dec 5, 2022
An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum...
Critical | Unreviewed | CVE-2017-14457 was published May 13, 2022
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR...
Critical | Unreviewed | CVE-2022-39881 was published Nov 10, 2022
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
Critical | Unreviewed | CVE-2022-1899 was published May 27, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical | Unreviewed | CVE-2021-31884 was published May 24, 2022
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt...
Critical | Unreviewed | CVE-2019-12207 was published May 24, 2022
There is an Out-of-bounds Read vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-37016 was published May 24, 2022
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause...
Critical | Unreviewed | CVE-2020-12141 was published May 24, 2022
libmobi is vulnerable to Out-of-bounds Read
Critical | Unreviewed | CVE-2021-3881 was published May 24, 2022
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for...
Critical | Unreviewed | CVE-2019-15167 was published Aug 28, 2022
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows...
Critical | Unreviewed | CVE-2021-38564 was published May 24, 2022
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric...
Critical | Unreviewed | CVE-2021-36159 was published May 24, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the...
Critical | Unreviewed | CVE-2021-41556 was published Jul 29, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of...
Critical | Unreviewed | CVE-2021-22354 was published May 24, 2022
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read,...
Critical | Unreviewed | CVE-2021-32990 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2020-36330 was published May 24, 2022
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01...
Critical | Unreviewed | CVE-2021-22668 was published May 24, 2022
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8...
Critical | Unreviewed | CVE-2021-25216 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.