GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
484 advisories
Filter by severity
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the...
Critical
Unreviewed
CVE-2024-41721
was published
Sep 20, 2024
In function MatchDomainName(), input param str is treated as a NULL terminated string despite...
Critical
Unreviewed
CVE-2024-5991
was published
Aug 27, 2024
Asterix Heap-based Buffer Overflow
Critical
CVE-2021-44144
was published
for
asterix_decoder
(pip)
May 24, 2022
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an...
Critical
Unreviewed
CVE-2023-38427
was published
Jul 18, 2023
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ...
Critical
Unreviewed
CVE-2024-32622
was published
May 14, 2024
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that...
Critical
Unreviewed
CVE-2022-48623
was published
Feb 13, 2024
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling...
Critical
Unreviewed
CVE-2024-29943
was published
Mar 22, 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read....
Critical
Unreviewed
CVE-2024-7522
was published
Aug 6, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name...
Critical
Unreviewed
CVE-2024-37407
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
tracing: Correct the length...
Critical
Unreviewed
CVE-2021-47274
was published
May 21, 2024
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is...
Critical
Unreviewed
CVE-2023-2597
was published
May 22, 2023
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a...
Critical
Unreviewed
CVE-2022-28805
was published
Apr 9, 2022
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd...
Critical
Unreviewed
CVE-2023-38431
was published
Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request...
Critical
Unreviewed
CVE-2023-38430
was published
Jul 18, 2023
Mercurial Out-of-bounds Read vulnerability
Critical
CVE-2018-17983
was published
for
mercurial
(pip)
May 14, 2022
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific...
Critical
Unreviewed
CVE-2023-41910
was published
Sep 5, 2023
Possible out of bound read occurs while processing beaconing request due to lack of check on...
Critical
Unreviewed
CVE-2019-2276
was published
May 24, 2022
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level...
Critical
Unreviewed
CVE-2019-17040
was published
May 24, 2022
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching
Critical
CVE-2020-26269
was published
for
tensorflow
(pip)
Oct 7, 2022
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical
Unreviewed
CVE-2024-22004
was published
Apr 5, 2024
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of...
Critical
Unreviewed
CVE-2023-46569
was published
Oct 28, 2023
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr...
Critical
Unreviewed
CVE-2023-46570
was published
Oct 28, 2023
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35647
was published
Oct 11, 2023
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out...
Critical
Unreviewed
CVE-2023-35648
was published
Oct 11, 2023
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as...
Critical
Unreviewed
CVE-2023-28543
was published
Sep 5, 2023
ProTip!
Advisories are also available from the
GraphQL API