GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
92 advisories
axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of...
Moderate | Unreviewed | CVE-2017-1000416 was published May 13, 2022

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr...
Moderate | Unreviewed | CVE-2017-2618 was published May 13, 2022

Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote...
Moderate | Unreviewed | CVE-2011-2852 was published May 13, 2022

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local...
Moderate | Unreviewed | CVE-2011-2695 was published May 13, 2022

Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in...
Moderate | Unreviewed | CVE-2014-5388 was published May 13, 2022

The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6...
Low | Unreviewed | CVE-2010-2955 was published May 13, 2022

Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in...
High | Unreviewed | CVE-2010-1773 was published May 13, 2022

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is...
Critical | Unreviewed | CVE-2018-14599 was published May 13, 2022

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with...
Critical | Unreviewed | CVE-2019-8268 was published May 13, 2022

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can...
Critical | Unreviewed | CVE-2019-8272 was published May 13, 2022

QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off...
Moderate | Unreviewed | CVE-2015-8701 was published May 13, 2022

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one...
Moderate | Unreviewed | CVE-2018-14679 was published May 13, 2022

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one...
High | Unreviewed | CVE-2018-14682 was published May 13, 2022

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in...
High | Unreviewed | CVE-2010-3454 was published May 13, 2022

Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP...
Moderate | Unreviewed | CVE-2009-1217 was published May 2, 2022

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow...
Moderate | Unreviewed | CVE-2008-3964 was published May 2, 2022

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6...
Moderate | Unreviewed | CVE-2008-3535 was published May 2, 2022

Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2...
Moderate | Unreviewed | CVE-2007-2052 was published May 1, 2022

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache...
Moderate | Unreviewed | CVE-2005-1268 was published May 1, 2022

Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier...
High | Unreviewed | CVE-2002-1816 was published Apr 30, 2022

Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers...
Moderate | Unreviewed | CVE-2002-1745 was published Apr 30, 2022

Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2002-1721 was published Apr 30, 2022

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows...
High | Unreviewed | CVE-2001-1496 was published Apr 30, 2022

Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify...
Low | Unreviewed | CVE-2001-1391 was published Apr 30, 2022

Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to...
High | Unreviewed | CVE-2001-0609 was published Apr 30, 2022