Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

501 advisories

Loading
Out of bound read occurs while processing crafted SDP due to lack of check of null string in... Critical Unreviewed
CVE-2020-11191 was published May 24, 2022
XML External Entity Resolution (XXE) in Helix ALM. The XML Import functionality of the... Critical Unreviewed
CVE-2021-29997 was published May 24, 2022
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE... Critical Unreviewed
CVE-2020-11159 was published May 24, 2022
Possible out of bound read while WLAN frame parsing due to lack of check for body and header... Critical Unreviewed
CVE-2020-11126 was published May 24, 2022
An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of... Critical Unreviewed
CVE-2021-21777 was published May 24, 2022
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to... Critical Unreviewed
CVE-2021-0516 was published May 24, 2022
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera... Critical Unreviewed
CVE-2021-25847 was published May 24, 2022
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is... Critical Unreviewed
CVE-2020-11285 was published May 24, 2022
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera... Critical Unreviewed
CVE-2021-25848 was published May 24, 2022
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c. Critical Unreviewed
CVE-2021-33590 was published May 24, 2022
An out-of-bounds read can occur while parsing a server certificate due to improper length check... Critical Unreviewed
CVE-2022-22062 was published Sep 3, 2022
Buffer over read while processing MT SMS with maximum length due to improper length check in... Critical Unreviewed
CVE-2020-11222 was published May 24, 2022
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon... Critical Unreviewed
CVE-2020-11247 was published May 24, 2022
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer... Critical Unreviewed
CVE-2020-11251 was published May 24, 2022
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8... Critical Unreviewed
CVE-2021-25216 was published May 24, 2022
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01... Critical Unreviewed
CVE-2021-22668 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2020-36330 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. Critical Unreviewed
CVE-2021-30194 was published May 24, 2022
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read,... Critical Unreviewed
CVE-2021-32990 was published May 24, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed
CVE-2021-22354 was published May 24, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the... Critical Unreviewed
CVE-2021-41556 was published Jul 29, 2022
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric... Critical Unreviewed
CVE-2021-36159 was published May 24, 2022
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows... Critical Unreviewed
CVE-2021-38564 was published May 24, 2022
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for... Critical Unreviewed
CVE-2019-15167 was published Aug 28, 2022
libmobi is vulnerable to Out-of-bounds Read Critical Unreviewed
CVE-2021-3881 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database