Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

501 advisories

Loading
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the... Critical Unreviewed
CVE-2020-29657 was published May 24, 2022
An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of... Critical Unreviewed
CVE-2017-14451 was published May 24, 2022
u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned... Critical Unreviewed
CVE-2020-11193 was published May 24, 2022
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE... Critical Unreviewed
CVE-2022-45909 was published Nov 26, 2022
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode... Critical Unreviewed
CVE-2020-3703 was published May 24, 2022
u'Potential out of bounds read while processing downlink NAS transport message due to improper... Critical Unreviewed
CVE-2020-3670 was published May 24, 2022
An out-of-bounds read was addressed with improved input validation. This issue is fixed in... Critical Unreviewed
CVE-2019-8581 was published May 24, 2022
GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing... Critical Unreviewed
CVE-2020-16159 was published May 24, 2022
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an... Critical Unreviewed
CVE-2020-8036 was published May 24, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40019 was published Sep 17, 2022
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape... Critical Unreviewed
CVE-2019-17544 was published May 24, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to... Critical Unreviewed
CVE-2021-33643 was published Aug 11, 2022
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of... Critical Unreviewed
CVE-2019-14462 was published May 24, 2022
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has... Critical Unreviewed
CVE-2019-13962 was published May 24, 2022
njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c.... Critical Unreviewed
CVE-2019-13067 was published May 24, 2022
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of... Critical Unreviewed
CVE-2019-14463 was published May 24, 2022
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the... Critical Unreviewed
CVE-2019-8457 was published May 24, 2022
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. Critical Unreviewed
CVE-2019-11835 was published May 24, 2022
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. Critical Unreviewed
CVE-2019-11834 was published May 24, 2022
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds... Critical Unreviewed
CVE-2019-15505 was published May 24, 2022
Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert... Critical Unreviewed
CVE-2022-28228 was published Dec 24, 2022
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4... Critical Unreviewed
CVE-2016-5687 was published May 17, 2022
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An... Critical Unreviewed
CVE-2021-20093 was published May 24, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Critical Unreviewed
CVE-2022-34029 was published Jul 19, 2022
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi... Critical Unreviewed
CVE-2022-33319 was published Jul 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database