Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

500 advisories

Loading
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply... Critical Unreviewed
CVE-2022-23096 was published Feb 10, 2022
Out-of-bounds read in Pillow Critical
CVE-2020-11538 was published for Pillow (pip) Jul 27, 2020
An unvalidated input in a library function responsible for communicating between secure and non... Critical Unreviewed
CVE-2023-4020 was published Dec 15, 2023
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An... Critical Unreviewed
CVE-2023-40436 was published Sep 27, 2023
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the... Critical Unreviewed
CVE-2024-41721 was published Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite... Critical Unreviewed
CVE-2024-5991 was published Aug 27, 2024
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an... Critical Unreviewed
CVE-2023-38427 was published Jul 18, 2023
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ... Critical Unreviewed
CVE-2024-32622 was published May 14, 2024
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that... Critical Unreviewed
CVE-2022-48623 was published Feb 13, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling... Critical Unreviewed
CVE-2024-29943 was published Mar 22, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read.... Critical Unreviewed
CVE-2024-7522 was published Aug 6, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name... Critical Unreviewed
CVE-2024-37407 was published Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length... Critical Unreviewed
CVE-2021-47274 was published May 21, 2024
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is... Critical Unreviewed
CVE-2023-2597 was published May 22, 2023
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a... Critical Unreviewed
CVE-2022-28805 was published Apr 9, 2022
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd... Critical Unreviewed
CVE-2023-38431 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request... Critical Unreviewed
CVE-2023-38430 was published Jul 18, 2023
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific... Critical Unreviewed
CVE-2023-41910 was published Sep 5, 2023
Possible out of bound read occurs while processing beaconing request due to lack of check on... Critical Unreviewed
CVE-2019-2276 was published May 24, 2022
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level... Critical Unreviewed
CVE-2019-17040 was published May 24, 2022
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can... Critical Unreviewed
CVE-2024-22004 was published Apr 5, 2024
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of... Critical Unreviewed
CVE-2023-46569 was published Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr... Critical Unreviewed
CVE-2023-46570 was published Oct 28, 2023
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out... Critical Unreviewed
CVE-2023-35647 was published Oct 11, 2023
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out... Critical Unreviewed
CVE-2023-35648 was published Oct 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database