Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

92 advisories

Loading
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and... Critical Unreviewed
CVE-2016-10160 was published May 14, 2022
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by... Moderate Unreviewed
CVE-2020-27171 was published May 24, 2022
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c.... High Unreviewed
CVE-2020-27793 was published Aug 20, 2022
off-by-one in io_uring module. High Unreviewed
CVE-2022-3103 was published Sep 27, 2022
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the... High Unreviewed
CVE-2019-10131 was published May 24, 2022
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an... Critical Unreviewed
CVE-2019-14532 was published May 24, 2022
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and... Moderate Unreviewed
CVE-2013-0897 was published May 14, 2022
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the... Moderate Unreviewed
CVE-2020-11765 was published May 24, 2022
An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player... Moderate Unreviewed
CVE-2019-19721 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial... High Unreviewed
CVE-2020-29040 was published May 24, 2022
Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at... Critical Unreviewed
CVE-2022-34970 was published Aug 5, 2022
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by... High Unreviewed
CVE-2019-3813 was published Apr 30, 2022
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading... High Unreviewed
CVE-2022-3872 was published Nov 8, 2022
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6... Moderate Unreviewed
CVE-2008-3535 was published May 2, 2022
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow... Moderate Unreviewed
CVE-2008-3964 was published May 2, 2022
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP... Moderate Unreviewed
CVE-2009-1217 was published May 2, 2022
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in... High Unreviewed
CVE-2010-3454 was published May 13, 2022
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one... Moderate Unreviewed
CVE-2018-14679 was published May 13, 2022
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one... High Unreviewed
CVE-2018-14682 was published May 13, 2022
QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off... Moderate Unreviewed
CVE-2015-8701 was published May 13, 2022
UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with... Critical Unreviewed
CVE-2019-8268 was published May 13, 2022
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can... Critical Unreviewed
CVE-2019-8272 was published May 13, 2022
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is... Critical Unreviewed
CVE-2018-14599 was published May 13, 2022
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization... Moderate Unreviewed
CVE-2021-44007 was published Dec 15, 2021
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in... High Unreviewed
CVE-2010-1773 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database