GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
479 advisories
Filter by severity
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40050
was published
Mar 11, 2022
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function...
Critical
Unreviewed
CVE-2021-33293
was published
Mar 11, 2022
An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto,...
Critical
Unreviewed
CVE-2021-35117
was published
Apr 2, 2022
Possible out of bound read due to improper validation of IE length during SSID IE parse when...
Critical
Unreviewed
CVE-2021-35088
was published
Apr 2, 2022
A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record'...
Critical
Unreviewed
CVE-2021-26623
was published
Apr 3, 2022
Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2...
Critical
Unreviewed
CVE-2022-1297
was published
Apr 12, 2022
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible...
Critical
Unreviewed
CVE-2022-1276
was published
Apr 11, 2022
Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior...
Critical
Unreviewed
CVE-2022-1296
was published
Apr 12, 2022
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has...
Critical
Unreviewed
CVE-2019-9169
was published
May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical
Unreviewed
CVE-2017-9227
was published
May 14, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers...
Critical
Unreviewed
CVE-2017-11147
was published
May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical
Unreviewed
CVE-2017-9224
was published
May 14, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an...
Critical
Unreviewed
CVE-2021-0942
was published
Sep 14, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical
Unreviewed
CVE-2018-25013
was published
May 24, 2022
An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap...
Critical
Unreviewed
CVE-2020-19751
was published
May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical
Unreviewed
CVE-2018-25012
was published
May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical
Unreviewed
CVE-2018-25009
was published
May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function...
Critical
Unreviewed
CVE-2018-25010
was published
May 24, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key...
Critical
Unreviewed
CVE-2021-35083
was published
Jun 15, 2022
The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial...
Critical
Unreviewed
CVE-2017-11465
was published
May 17, 2022
In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp function in misc/regex...
Critical
Unreviewed
CVE-2017-9728
was published
May 17, 2022
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk...
Critical
Unreviewed
CVE-2016-9555
was published
May 14, 2022
The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung...
Critical
Unreviewed
CVE-2017-5538
was published
May 17, 2022
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the...
Critical
Unreviewed
CVE-2019-15926
was published
May 24, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical
Unreviewed
CVE-2022-34029
was published
Jul 19, 2022
ProTip!
Advisories are also available from the
GraphQL API