GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,475 advisories
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile...
High, Unreviewed. CVE-2015-2325 was published May 24, 2022.

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in...
High, Unreviewed. CVE-2022-26697 was published May 27, 2022.

An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based...
High, Unreviewed. CVE-2020-23922 was published May 24, 2022.

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has...
High, Unreviewed. CVE-2020-23928 was published May 24, 2022.

An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap...
High, Unreviewed. CVE-2020-23921 was published May 24, 2022.

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has...
High, Unreviewed. CVE-2020-23931 was published May 24, 2022.

Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based...
High, Unreviewed. CVE-2022-38403 was published Sep 17, 2022.

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of...
High, Unreviewed. CVE-2022-38431 was published Sep 17, 2022.

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of...
High, Unreviewed. CVE-2022-38416 was published Sep 17, 2022.

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory...
High, Unreviewed. CVE-2021-36160 was published May 24, 2022.

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in...
High, Unreviewed. CVE-2022-26770 was published May 27, 2022.

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in...
High, Unreviewed. CVE-2022-26718 was published May 27, 2022.

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing...
High, Unreviewed. CVE-2019-15903 was published May 24, 2022.

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of...
High, Unreviewed. CVE-2022-38429 was published May 24, 2022.

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of...
High, Unreviewed. CVE-2022-38430 was published Sep 17, 2022.

Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based...
High, Unreviewed. CVE-2022-38402 was published Sep 17, 2022.

A flaw was found in privoxy before 3.0.32. An invalid read of size two may occur in...
High, Unreviewed. CVE-2021-20275 was published May 24, 2022.

A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not...
High, Unreviewed. CVE-2020-24119 was published May 24, 2022.

A memory corruption issue was addressed with improved validation. This issue is fixed in Security...
High, Unreviewed. CVE-2021-1808 was published May 24, 2022.

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.0...
High, Unreviewed. CVE-2021-1404 was published May 24, 2022.

An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based...
High, Unreviewed. CVE-2020-19750 was published May 24, 2022.

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in...
High, Unreviewed. CVE-2022-26698 was published May 27, 2022.

A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is...
High, Unreviewed. CVE-2020-14125 was published Jun 9, 2022.

libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
High, Unreviewed. CVE-2022-32200 was published Jun 3, 2022.

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can...
High, Unreviewed. CVE-2021-20277 was published May 24, 2022.