Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

7,343 advisories

Loading
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing... Moderate Unreviewed
CVE-2019-5034 was published May 24, 2022
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27... Moderate Unreviewed
CVE-2020-7059 was published May 24, 2022
In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer... Moderate Unreviewed
CVE-2021-0460 was published May 24, 2022
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure... Moderate Unreviewed
CVE-2021-28116 was published May 24, 2022
An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose... High Unreviewed
CVE-2019-5032 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Weave certificate loading... High Unreviewed
CVE-2019-5037 was published May 24, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and... Critical Unreviewed
CVE-2017-9224 was published May 14, 2022
Out-of-bounds Read in Facebook Hermes High
CVE-2020-1915 was published for hermes-engine (npm) May 24, 2022
DanielSinclair Credited to DanielSinclair, Nsquik, troZee, CHaNGeTe, ivan-mattr, and mmehtonen-24i Nsquik Nsquik
troZee troZee CHaNGeTe CHaNGeTe ivan-mattr ivan-mattr mmehtonen-24i mmehtonen-24i
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded... Moderate Unreviewed
CVE-2020-13496 was published May 24, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an... Critical Unreviewed
CVE-2021-0942 was published Sep 14, 2022
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function ... Moderate Unreviewed
CVE-2020-35531 was published Sep 2, 2022
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote... Moderate Unreviewed
CVE-2019-5835 was published May 24, 2022
Out-of-bounds Read and Out-of-bounds Write in Facebook Hermes High
CVE-2020-1912 was published for hermes-engine (npm) May 24, 2022
Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior,... Moderate Unreviewed
CVE-2021-20606 was published Dec 18, 2021
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile... High Unreviewed
CVE-2015-2325 was published May 24, 2022
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below... Moderate Unreviewed
CVE-2020-7060 was published May 24, 2022
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based... High Unreviewed
CVE-2020-23922 was published May 24, 2022
An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has... High Unreviewed
CVE-2020-23928 was published May 24, 2022
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE... Moderate Unreviewed
CVE-2020-11760 was published May 24, 2022
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2022-26697 was published May 27, 2022
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of... Moderate Unreviewed
CVE-2022-28856 was published Sep 17, 2022
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of... Moderate Unreviewed
CVE-2022-38409 was published Sep 17, 2022
Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by an out-of-bounds... Moderate Unreviewed
CVE-2022-38407 was published Sep 17, 2022
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of... Moderate Unreviewed
CVE-2022-38410 was published Sep 17, 2022
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. Moderate Unreviewed
CVE-2021-3522 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database