Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

494 advisories

Loading
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR... Critical Unreviewed
CVE-2022-39881 was published Nov 10, 2022
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then... Critical Unreviewed
CVE-2022-42905 was published Nov 7, 2022
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects... Critical Unreviewed
CVE-2021-46848 was published Oct 24, 2022
Information disclosure in WLAN due to improper length check while processing authentication... Critical Unreviewed
CVE-2022-25719 was published Oct 19, 2022
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification... Critical Unreviewed
CVE-2021-46840 was published Oct 14, 2022
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful... Critical Unreviewed
CVE-2021-46839 was published Oct 14, 2022
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation... Critical Unreviewed
CVE-2022-37032 was published Sep 20, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40019 was published Sep 17, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an... Critical Unreviewed
CVE-2021-0942 was published Sep 14, 2022
An out-of-bounds read can occur while parsing a server certificate due to improper length check... Critical Unreviewed
CVE-2022-22062 was published Sep 3, 2022
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for... Critical Unreviewed
CVE-2019-15167 was published Aug 28, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to... Critical Unreviewed
CVE-2021-33643 was published Aug 11, 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote... Critical Unreviewed
CVE-2022-2010 was published Jul 29, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the... Critical Unreviewed
CVE-2021-41556 was published Jul 29, 2022
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi... Critical Unreviewed
CVE-2022-33319 was published Jul 21, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Critical Unreviewed
CVE-2022-34029 was published Jul 19, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations,... Critical Unreviewed
CVE-2022-35409 was published Jul 16, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key... Critical Unreviewed
CVE-2021-35083 was published Jun 15, 2022
Buffer Over-read in GitHub repository vim/vim prior to 8.2. Critical Unreviewed
CVE-2022-1927 was published May 30, 2022
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. Critical Unreviewed
CVE-2022-1899 was published May 27, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31884 was published May 24, 2022
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55.... Critical Unreviewed
CVE-2020-12403 was published May 24, 2022
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt... Critical Unreviewed
CVE-2019-12207 was published May 24, 2022
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37016 was published May 24, 2022
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of... Critical Unreviewed
CVE-2021-42374 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database