GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
88 advisories
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to...
High | Unreviewed | CVE-2021-3999 was published Aug 25, 2022

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c....
High | Unreviewed | CVE-2020-27793 was published Aug 20, 2022

Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at...
Critical | Unreviewed | CVE-2022-34970 was published Aug 5, 2022

Windows Kernel Denial of Service Vulnerability.
Moderate | Unreviewed | CVE-2022-30155 was published Jun 16, 2022

A security issue in nginx resolver was identified, which might allow an attacker who is able to...
Critical | Unreviewed | CVE-2021-23017 was published May 24, 2022

In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off...
Critical | Unreviewed | CVE-2021-31875 was published May 24, 2022

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All...
Moderate | Unreviewed | CVE-2020-27736 was published May 24, 2022

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by...
Moderate | Unreviewed | CVE-2020-27171 was published May 24, 2022

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via ...
High | Unreviewed | CVE-2021-3156 was published May 24, 2022

An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial...
High | Unreviewed | CVE-2020-29040 was published May 24, 2022

An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player...
Moderate | Unreviewed | CVE-2019-19721 was published May 24, 2022

An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the...
Moderate | Unreviewed | CVE-2020-11765 was published May 24, 2022

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of...
High | Unreviewed | CVE-2019-18423 was published May 24, 2022

An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an...
Critical | Unreviewed | CVE-2019-14532 was published May 24, 2022

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the...
High | Unreviewed | CVE-2019-10131 was published May 24, 2022

Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3...
Moderate | Unreviewed | CVE-2011-1027 was published May 17, 2022

Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and...
Critical | Unreviewed | CVE-2016-10160 was published May 14, 2022

Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and...
Moderate | Unreviewed | CVE-2013-0897 was published May 14, 2022

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when...
High | Unreviewed | CVE-2018-9860 was published May 13, 2022

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite...
High | Unreviewed | CVE-2018-7329 was published May 13, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by...
High | Unreviewed | CVE-2017-9720 was published May 13, 2022

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of...
Moderate | Unreviewed | CVE-2017-1000416 was published May 13, 2022

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr...
Moderate | Unreviewed | CVE-2017-2618 was published May 13, 2022

Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote...
Moderate | Unreviewed | CVE-2011-2852 was published May 13, 2022

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local...
Moderate | Unreviewed | CVE-2011-2695 was published May 13, 2022