Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

481 advisories

Loading
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric... Critical Unreviewed
CVE-2021-36159 was published May 24, 2022
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of... Critical Unreviewed
CVE-2021-22354 was published May 24, 2022
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read,... Critical Unreviewed
CVE-2021-32990 was published May 24, 2022
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to... Critical Unreviewed
CVE-2021-0516 was published May 24, 2022
An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of... Critical Unreviewed
CVE-2021-21777 was published May 24, 2022
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An... Critical Unreviewed
CVE-2021-20093 was published May 24, 2022
Possible out of bound read while WLAN frame parsing due to lack of check for body and header... Critical Unreviewed
CVE-2020-11126 was published May 24, 2022
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE... Critical Unreviewed
CVE-2020-11159 was published May 24, 2022
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c. Critical Unreviewed
CVE-2021-33590 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. Critical Unreviewed
CVE-2021-30194 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2020-36331 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2020-36330 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25012 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25010 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25009 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function... Critical Unreviewed
CVE-2018-25013 was published May 24, 2022
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01... Critical Unreviewed
CVE-2021-22668 was published May 24, 2022
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera... Critical Unreviewed
CVE-2021-25848 was published May 24, 2022
Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera... Critical Unreviewed
CVE-2021-25847 was published May 24, 2022
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is... Critical Unreviewed
CVE-2020-11285 was published May 24, 2022
Mutt 1.11.0 through 2.0.x before 2.0.7 (and NeoMutt 2019-10-25 through 2021-05-04) has a ... Critical Unreviewed
CVE-2021-32055 was published May 24, 2022
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8... Critical Unreviewed
CVE-2021-25216 was published May 24, 2022
XML External Entity Resolution (XXE) in Helix ALM. The XML Import functionality of the... Critical Unreviewed
CVE-2021-29997 was published May 24, 2022
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon... Critical Unreviewed
CVE-2020-11247 was published May 24, 2022
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer... Critical Unreviewed
CVE-2020-11251 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database