GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
495 advisories
Filter by severity
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of...
Critical
Unreviewed
CVE-2022-36938
was published
Nov 11, 2022
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR...
Critical
Unreviewed
CVE-2022-39881
was published
Nov 10, 2022
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then...
Critical
Unreviewed
CVE-2022-42905
was published
Nov 7, 2022
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects...
Critical
Unreviewed
CVE-2021-46848
was published
Oct 24, 2022
Information disclosure in WLAN due to improper length check while processing authentication...
Critical
Unreviewed
CVE-2022-25719
was published
Oct 19, 2022
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification...
Critical
Unreviewed
CVE-2021-46840
was published
Oct 14, 2022
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful...
Critical
Unreviewed
CVE-2021-46839
was published
Oct 14, 2022
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation...
Critical
Unreviewed
CVE-2022-37032
was published
Sep 20, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40019
was published
Sep 17, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an...
Critical
Unreviewed
CVE-2021-0942
was published
Sep 14, 2022
An out-of-bounds read can occur while parsing a server certificate due to improper length check...
Critical
Unreviewed
CVE-2022-22062
was published
Sep 3, 2022
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for...
Critical
Unreviewed
CVE-2019-15167
was published
Aug 28, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to...
Critical
Unreviewed
CVE-2021-33643
was published
Aug 11, 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote...
Critical
Unreviewed
CVE-2022-2010
was published
Jul 29, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the...
Critical
Unreviewed
CVE-2021-41556
was published
Jul 29, 2022
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi...
Critical
Unreviewed
CVE-2022-33319
was published
Jul 21, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
Critical
Unreviewed
CVE-2022-34029
was published
Jul 19, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations,...
Critical
Unreviewed
CVE-2022-35409
was published
Jul 16, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key...
Critical
Unreviewed
CVE-2021-35083
was published
Jun 15, 2022
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Critical
Unreviewed
CVE-2022-1927
was published
May 30, 2022
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
Critical
Unreviewed
CVE-2022-1899
was published
May 27, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Critical
Unreviewed
CVE-2021-31884
was published
May 24, 2022
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55....
Critical
Unreviewed
CVE-2020-12403
was published
May 24, 2022
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxt_utf8_decode in nxt...
Critical
Unreviewed
CVE-2019-12207
was published
May 24, 2022
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this...
Critical
Unreviewed
CVE-2021-37016
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API