Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

501 advisories

Loading
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an... Critical Unreviewed
CVE-2022-20472 was published Dec 13, 2022
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an... Critical Unreviewed
CVE-2022-20473 was published Dec 13, 2022
PaddlePaddle Out-of-bounds Read vulnerability Critical
CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the... Critical Unreviewed
CVE-2022-45313 was published Dec 5, 2022
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp... Critical Unreviewed
CVE-2022-45315 was published Dec 5, 2022
drachtio-server 0.8.18 has a heap-based buffer over-read via a long Request-URI in an INVITE... Critical Unreviewed
CVE-2022-45909 was published Nov 26, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of... Critical Unreviewed
CVE-2022-36938 was published Nov 11, 2022
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR... Critical Unreviewed
CVE-2022-39881 was published Nov 10, 2022
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then... Critical Unreviewed
CVE-2022-42905 was published Nov 7, 2022
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects... Critical Unreviewed
CVE-2021-46848 was published Oct 24, 2022
Information disclosure in WLAN due to improper length check while processing authentication... Critical Unreviewed
CVE-2022-25719 was published Oct 19, 2022
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification... Critical Unreviewed
CVE-2021-46840 was published Oct 14, 2022
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful... Critical Unreviewed
CVE-2021-46839 was published Oct 14, 2022
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation... Critical Unreviewed
CVE-2022-37032 was published Sep 20, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40019 was published Sep 17, 2022
The path in this case is a little bit convoluted. The end result is that via an ioctl an... Critical Unreviewed
CVE-2021-0942 was published Sep 14, 2022
An out-of-bounds read can occur while parsing a server certificate due to improper length check... Critical Unreviewed
CVE-2022-22062 was published Sep 3, 2022
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for... Critical Unreviewed
CVE-2019-15167 was published Aug 28, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to... Critical Unreviewed
CVE-2021-33643 was published Aug 11, 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote... Critical Unreviewed
CVE-2022-2010 was published Jul 29, 2022
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the... Critical Unreviewed
CVE-2021-41556 was published Jul 29, 2022
Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi... Critical Unreviewed
CVE-2022-33319 was published Jul 21, 2022
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h. Critical Unreviewed
CVE-2022-34029 was published Jul 19, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.2.0. In some configurations,... Critical Unreviewed
CVE-2022-35409 was published Jul 16, 2022
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key... Critical Unreviewed
CVE-2021-35083 was published Jun 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database