Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

484 advisories

Loading
Denial of Service in https-proxy-agent Critical
CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018
kurt-r2c
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function... Critical Unreviewed
CVE-2021-33293 was published Mar 11, 2022
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40050 was published Mar 11, 2022
Possible out of bound read due to improper validation of IE length during SSID IE parse when... Critical Unreviewed
CVE-2021-35088 was published Apr 2, 2022
An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto,... Critical Unreviewed
CVE-2021-35117 was published Apr 2, 2022
A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record'... Critical Unreviewed
CVE-2021-26623 was published Apr 3, 2022
Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2... Critical Unreviewed
CVE-2022-1297 was published Apr 12, 2022
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible... Critical Unreviewed
CVE-2022-1276 was published Apr 11, 2022
Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior... Critical Unreviewed
CVE-2022-1296 was published Apr 12, 2022
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has... Critical Unreviewed
CVE-2019-9169 was published May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and... Critical Unreviewed
CVE-2017-9227 was published May 14, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers... Critical Unreviewed
CVE-2017-11147 was published May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and... Critical Unreviewed
CVE-2017-9224 was published May 14, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an... Critical Unreviewed
CVE-2021-0942 was published Sep 14, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25013 was published May 24, 2022
An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap... Critical Unreviewed
CVE-2020-19751 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25012 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25009 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25010 was published May 24, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key... Critical Unreviewed
CVE-2021-35083 was published Jun 15, 2022
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial... Critical Unreviewed
CVE-2017-11465 was published May 17, 2022
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex... Critical Unreviewed
CVE-2017-9728 was published May 17, 2022
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk... Critical Unreviewed
CVE-2016-9555 was published May 14, 2022
The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung... Critical Unreviewed
CVE-2017-5538 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database