Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

484 advisories

Loading
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the... Critical Unreviewed
CVE-2024-41721 was published Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite... Critical Unreviewed
CVE-2024-5991 was published Aug 27, 2024
Asterix Heap-based Buffer Overflow Critical
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an... Critical Unreviewed
CVE-2023-38427 was published Jul 18, 2023
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ... Critical Unreviewed
CVE-2024-32622 was published May 14, 2024
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that... Critical Unreviewed
CVE-2022-48623 was published Feb 13, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling... Critical Unreviewed
CVE-2024-29943 was published Mar 22, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read.... Critical Unreviewed
CVE-2024-7522 was published Aug 6, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name... Critical Unreviewed
CVE-2024-37407 was published Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length... Critical Unreviewed
CVE-2021-47274 was published May 21, 2024
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is... Critical Unreviewed
CVE-2023-2597 was published May 22, 2023
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a... Critical Unreviewed
CVE-2022-28805 was published Apr 9, 2022
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd... Critical Unreviewed
CVE-2023-38431 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request... Critical Unreviewed
CVE-2023-38430 was published Jul 18, 2023
Mercurial Out-of-bounds Read vulnerability Critical
CVE-2018-17983 was published for mercurial (pip) May 14, 2022
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific... Critical Unreviewed
CVE-2023-41910 was published Sep 5, 2023
Possible out of bound read occurs while processing beaconing request due to lack of check on... Critical Unreviewed
CVE-2019-2276 was published May 24, 2022
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level... Critical Unreviewed
CVE-2019-17040 was published May 24, 2022
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching Critical
CVE-2020-26269 was published for tensorflow (pip) Oct 7, 2022
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can... Critical Unreviewed
CVE-2024-22004 was published Apr 5, 2024
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of... Critical Unreviewed
CVE-2023-46569 was published Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr... Critical Unreviewed
CVE-2023-46570 was published Oct 28, 2023
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out... Critical Unreviewed
CVE-2023-35647 was published Oct 11, 2023
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out... Critical Unreviewed
CVE-2023-35648 was published Oct 11, 2023
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as... Critical Unreviewed
CVE-2023-28543 was published Sep 5, 2023
ProTip! Advisories are also available from the GraphQL API