GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
5,681 advisories
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when...
High | Unreviewed | CVE-2022-3170 was published Sep 14, 2022

In the nl80211_policy policy of nl80211.c, there is a possible out of bounds read due to a...
Moderate | Unreviewed | CVE-2020-27068 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2019-6765 was published May 24, 2022

An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing...
Moderate | Unreviewed | CVE-2019-5034 was published May 24, 2022

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27...
Moderate | Unreviewed | CVE-2020-7059 was published May 24, 2022

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer...
Moderate | Unreviewed | CVE-2021-0460 was published May 24, 2022

Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure...
Moderate | Unreviewed | CVE-2021-28116 was published May 24, 2022

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical | Unreviewed | CVE-2017-9224 was published May 14, 2022

An exploitable denial-of-service vulnerability exists in the Weave certificate loading...
High | Unreviewed | CVE-2019-5037 was published May 24, 2022

An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose...
High | Unreviewed | CVE-2019-5032 was published May 24, 2022

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded...
Moderate | Unreviewed | CVE-2020-13496 was published May 24, 2022

Out-of-bounds Read in Facebook Hermes
High | CVE-2020-1915 was published for hermes-engine (npm) May 24, 2022

In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function ...
Moderate | Unreviewed | CVE-2020-35531 was published Sep 2, 2022

The path in this case is a little bit convoluted. The end result is that via an ioctl an...
Critical | Unreviewed | CVE-2021-0942 was published Sep 14, 2022

Out-of-bounds Read and Out-of-bounds Write in Facebook Hermes
High | CVE-2020-1912 was published for hermes-engine (npm) May 24, 2022

Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote...
Moderate | Unreviewed | CVE-2019-5835 was published May 24, 2022

Out-of-bounds Read vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior,...
Moderate | Unreviewed | CVE-2021-20606 was published Dec 18, 2021

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile...
High | Unreviewed | CVE-2015-2325 was published May 24, 2022

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below...
Moderate | Unreviewed | CVE-2020-7060 was published May 24, 2022

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE...
Moderate | Unreviewed | CVE-2020-11760 was published May 24, 2022

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has...
High | Unreviewed | CVE-2020-23928 was published May 24, 2022

An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based...
High | Unreviewed | CVE-2020-23922 was published May 24, 2022

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in...
High | Unreviewed | CVE-2022-26697 was published May 27, 2022

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of...
Moderate | Unreviewed | CVE-2022-28856 was published Sep 17, 2022

Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of...
Moderate | Unreviewed | CVE-2022-38410 was published Sep 17, 2022