GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
501 advisories
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the...
Critical
Unreviewed
CVE-2019-15926 was published May 24, 2022

Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi...
Critical
Unreviewed
CVE-2022-33319 was published Jul 21, 2022

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical
Unreviewed
CVE-2022-34029 was published Jul 19, 2022

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An...
Critical
Unreviewed
CVE-2021-20093 was published May 24, 2022

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4...
Critical
Unreviewed
CVE-2016-5687 was published May 17, 2022

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert...
Critical
Unreviewed
CVE-2022-28228 was published Dec 24, 2022

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds...
Critical
Unreviewed
CVE-2019-15505 was published May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Critical
Unreviewed
CVE-2019-11834 was published May 24, 2022

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
Critical
Unreviewed
CVE-2019-11835 was published May 24, 2022

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the...
Critical
Unreviewed
CVE-2019-8457 was published May 24, 2022

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of...
Critical
Unreviewed
CVE-2019-14463 was published May 24, 2022

njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c....
Critical
Unreviewed
CVE-2019-13067 was published May 24, 2022

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has...
Critical
Unreviewed
CVE-2019-13962 was published May 24, 2022

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of...
Critical
Unreviewed
CVE-2019-14462 was published May 24, 2022

An attacker who submits a crafted tar file with size in header struct being 0 may be able to...
Critical
Unreviewed
CVE-2021-33643 was published Aug 11, 2022

libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape...
Critical
Unreviewed
CVE-2019-17544 was published May 24, 2022

Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40019 was published Sep 17, 2022

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an...
Critical
Unreviewed
CVE-2020-8036 was published May 24, 2022

GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing...
Critical
Unreviewed
CVE-2020-16159 was published May 24, 2022

An out-of-bounds read was addressed with improved input validation. This issue is fixed in...
Critical
Unreviewed
CVE-2019-8581 was published May 24, 2022

Potential out of bounds read while processing downlink NAS transport message due to improper...
Critical
Unreviewed
CVE-2020-3670 was published May 24, 2022

Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode...
Critical
Unreviewed
CVE-2020-3703 was published May 24, 2022

drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE...
Critical
Unreviewed
CVE-2022-45909 was published Nov 26, 2022

Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned...
Critical
Unreviewed
CVE-2020-11193 was published May 24, 2022

An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of...
Critical
Unreviewed
CVE-2017-14451 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.