Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

494 advisories

Loading
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution... Critical Unreviewed
CVE-2023-21130 was published Jun 15, 2023
The facial recognition TA of some products has the out-of-bounds memory read vulnerability.... Critical Unreviewed
CVE-2022-48479 was published May 26, 2023
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that... Critical Unreviewed
CVE-2023-23301 was published May 23, 2023
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is... Critical Unreviewed
CVE-2023-2597 was published May 22, 2023
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation... Critical Unreviewed
CVE-2022-48312 was published Apr 16, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Critical Unreviewed
CVE-2022-23123 was published Mar 28, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Critical Unreviewed
CVE-2022-23124 was published Mar 28, 2023
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation Critical
CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023
Deno improperly handles resizable ArrayBuffer Critical
CVE-2023-28445 was published for Deno (Rust) Mar 23, 2023
lucacasonato JohnTitor
nipunn1313
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64 Critical
CVE-2023-26489 was published for cranelift-codegen (Rust) Mar 9, 2023
alexcrichton
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based... Critical Unreviewed
CVE-2023-26253 was published Feb 21, 2023
openssl-src contains Read Buffer Overflow in X.509 Name Constraint Critical
CVE-2022-4203 was published for openssl-src (Rust) Feb 8, 2023
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Critical Unreviewed
CVE-2022-4337 was published Jan 11, 2023
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Critical Unreviewed
CVE-2022-4338 was published Jan 11, 2023
Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert... Critical Unreviewed
CVE-2022-28228 was published Dec 24, 2022
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF... Critical Unreviewed
CVE-2022-41649 was published Dec 23, 2022
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this... Critical Unreviewed
CVE-2022-46320 was published Dec 20, 2022
Patchelf out-of-bounds read Critical
CVE-2022-44940 was published for patchelf (pip) Dec 20, 2022
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an... Critical Unreviewed
CVE-2022-20472 was published Dec 13, 2022
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an... Critical Unreviewed
CVE-2022-20473 was published Dec 13, 2022
PaddlePaddle Out-of-bounds Read vulnerability Critical
CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the... Critical Unreviewed
CVE-2022-45313 was published Dec 5, 2022
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp... Critical Unreviewed
CVE-2022-45315 was published Dec 5, 2022
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE... Critical Unreviewed
CVE-2022-45909 was published Nov 26, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of... Critical Unreviewed
CVE-2022-36938 was published Nov 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database