GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
534 advisories
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has...
Critical | Unreviewed | CVE-2019-13962 was published May 24, 2022

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c....
Critical | Unreviewed | CVE-2019-13067 was published May 24, 2022

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of...
Critical | Unreviewed | CVE-2019-14463 was published May 24, 2022

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the...
Critical | Unreviewed | CVE-2019-8457 was published May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
Critical | Unreviewed | CVE-2019-11835 was published May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Critical | Unreviewed | CVE-2019-11834 was published May 24, 2022

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds...
Critical | Unreviewed | CVE-2019-15505 was published May 24, 2022

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert...
Critical | Unreviewed | CVE-2022-28228 was published Dec 24, 2022

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An...
Critical | Unreviewed | CVE-2021-20093 was published May 24, 2022

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical | Unreviewed | CVE-2022-34029 was published Jul 19, 2022

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the...
Critical | Unreviewed | CVE-2019-15926 was published May 24, 2022

The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung...
Critical | Unreviewed | CVE-2017-5538 was published May 17, 2022

In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex...
Critical | Unreviewed | CVE-2017-9728 was published May 17, 2022

The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial...
Critical | Unreviewed | CVE-2017-11465 was published May 17, 2022

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key...
Critical | Unreviewed | CVE-2021-35083 was published Jun 15, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25009 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25010 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25012 was published May 24, 2022

An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap...
Critical | Unreviewed | CVE-2020-19751 was published May 24, 2022

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical | Unreviewed | CVE-2018-25013 was published May 24, 2022

The path in this case is a little bit convoluted. The end result is that via an ioctl an...
Critical | Unreviewed | CVE-2021-0942 was published Sep 14, 2022

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical | Unreviewed | CVE-2017-9224 was published May 14, 2022

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical | Unreviewed | CVE-2017-9227 was published May 14, 2022

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has...
Critical | Unreviewed | CVE-2019-9169 was published May 13, 2022

Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior...
Critical | Unreviewed | CVE-2022-1296 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API.