Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

92 advisories

Loading
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote... Moderate Unreviewed
CVE-2011-2852 was published May 13, 2022
A security issue in nginx resolver was identified, which might allow an attacker who is able to... Critical Unreviewed
CVE-2021-23017 was published May 24, 2022
axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of... Moderate Unreviewed
CVE-2017-1000416 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by... High Unreviewed
CVE-2017-9720 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite... High Unreviewed
CVE-2018-7329 was published May 13, 2022
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when... High Unreviewed
CVE-2018-9860 was published May 13, 2022
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while... Moderate Unreviewed
CVE-2021-3930 was published Feb 19, 2022
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to... High Unreviewed
CVE-2021-3999 was published Aug 25, 2022
Off-by-one Error in v2fly/v2ray-core Critical
CVE-2021-4070 was published for github.com/v2fly/v2ray-core (Go) Feb 24, 2022
An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when decoding a crafted file. Moderate Unreviewed
CVE-2022-25051 was published Mar 3, 2022
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local... Moderate Unreviewed
CVE-2011-2695 was published May 13, 2022
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr... Moderate Unreviewed
CVE-2017-2618 was published May 13, 2022
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in... Moderate Unreviewed
CVE-2014-5388 was published May 13, 2022
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6... Low Unreviewed
CVE-2010-2955 was published May 13, 2022
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache... Moderate Unreviewed
CVE-2005-1268 was published May 1, 2022
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64 Low
CVE-2023-27477 was published for cranelift-codegen (Rust) Mar 9, 2023
afonso360
A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of... High Unreviewed
CVE-2021-21938 was published Apr 15, 2022
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of... High Unreviewed
CVE-2019-18423 was published May 24, 2022
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. Moderate Unreviewed
CVE-2023-0818 was published Feb 14, 2023
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master... Moderate Unreviewed
CVE-2022-36354 was published Dec 23, 2022
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.... Moderate Unreviewed
CVE-2022-3821 was published Nov 9, 2022
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2... Moderate Unreviewed
CVE-2007-2052 was published May 1, 2022
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All... Moderate Unreviewed
CVE-2020-27736 was published May 24, 2022
Buffer Overflow in galois_2p8 Critical
CVE-2022-24988 was published for galois_2p8 (Rust) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database