GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
39 advisories
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue...
High | Unreviewed | CVE-2024-49880 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix...
High | Unreviewed | CVE-2024-49862 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one...
High | Unreviewed | CVE-2024-47682 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by...
High | Unreviewed | CVE-2024-47686 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by...
High | Unreviewed | CVE-2024-46852 was published Sep 27, 2024

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the...
High | Unreviewed | CVE-2024-32668 was published Sep 5, 2024

In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order...
High | Unreviewed | CVE-2024-43852 was published Aug 17, 2024

An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote...
High | Unreviewed | CVE-2024-36136 was published Aug 14, 2024

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one...
High | Unreviewed | CVE-2022-48732 was published Jun 20, 2024

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of...
High | Unreviewed | CVE-2024-38440 was published Jun 16, 2024

In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one...
High | Unreviewed | CVE-2022-48672 was published May 3, 2024

GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows...
High | Unreviewed | CVE-2023-44444 was published May 3, 2024

incorrect storage layout for contracts containing large arrays
High | CVE-2023-46247 was published for vyper (pip) Dec 13, 2023

An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a...
High | Unreviewed | CVE-2022-33064 was published Jul 18, 2023

Apache Tomcat - Fix for CVE-2023-24998 was incomplete
High | CVE-2023-28709 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 6, 2023

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading...
High | Unreviewed | CVE-2022-3872 was published Nov 8, 2022

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to...
High | Unreviewed | CVE-2021-3999 was published Aug 25, 2022

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c....
High | Unreviewed | CVE-2020-27793 was published Aug 20, 2022

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via ...
High | Unreviewed | CVE-2021-3156 was published May 24, 2022

An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial...
High | Unreviewed | CVE-2020-29040 was published May 24, 2022

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of...
High | Unreviewed | CVE-2019-18423 was published May 24, 2022

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the...
High | Unreviewed | CVE-2019-10131 was published May 24, 2022

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when...
High | Unreviewed | CVE-2018-9860 was published May 13, 2022

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite...
High | Unreviewed | CVE-2018-7329 was published May 13, 2022