GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
484 advisories
Filter by severity
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the...
Critical
Unreviewed
CVE-2024-41721
was published
Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite...
Critical
Unreviewed
CVE-2024-5991
was published
Aug 27, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read....
Critical
Unreviewed
CVE-2024-7522
was published
Aug 6, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name...
Critical
Unreviewed
CVE-2024-37407
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
tracing: Correct the length...
Critical
Unreviewed
CVE-2021-47274
was published
May 21, 2024
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ...
Critical
Unreviewed
CVE-2024-32622
was published
May 14, 2024
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical
Unreviewed
CVE-2024-22004
was published
Apr 5, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling...
Critical
Unreviewed
CVE-2024-29943
was published
Mar 22, 2024
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that...
Critical
Unreviewed
CVE-2022-48623
was published
Feb 13, 2024
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through...
Critical
Unreviewed
CVE-2021-42147
was published
Jan 24, 2024
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows...
Critical
Unreviewed
CVE-2021-42144
was published
Jan 24, 2024
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko...
Critical
Unreviewed
CVE-2023-4280
was published
Jan 2, 2024
An unvalidated input in a library function responsible for communicating between secure and non...
Critical
Unreviewed
CVE-2023-4020
was published
Dec 15, 2023
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1...
Critical
Unreviewed
CVE-2023-42538
was published
Nov 13, 2023
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows...
Critical
Unreviewed
CVE-2023-42536
was published
Nov 13, 2023
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows...
Critical
Unreviewed
CVE-2023-42537
was published
Nov 13, 2023
exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.
Critical
Unreviewed
CVE-2023-45897
was published
Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of...
Critical
Unreviewed
CVE-2023-46569
was published
Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr...
Critical
Unreviewed
CVE-2023-46570
was published
Oct 28, 2023
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35648
was published
Oct 11, 2023
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35647
was published
Oct 11, 2023
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An...
Critical
Unreviewed
CVE-2023-40436
was published
Sep 27, 2023
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific...
Critical
Unreviewed
CVE-2023-41910
was published
Sep 5, 2023
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as...
Critical
Unreviewed
CVE-2023-28543
was published
Sep 5, 2023
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte...
Critical
Unreviewed
CVE-2023-41360
was published
Aug 29, 2023
ProTip!
Advisories are also available from the
GraphQL API