GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
60 advisories
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier)...
Low | Unreviewed | CVE-2021-21046 was published May 24, 2022

Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.
Low | Unreviewed | CVE-2022-2061 was published Jun 14, 2022

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR...
Low | Unreviewed | CVE-2020-8230 was published May 24, 2022

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are...
Low | Unreviewed | CVE-2019-3729 was published May 24, 2022

In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a...
Low | Unreviewed | CVE-2022-20526 was published Dec 20, 2022

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture...
Low | Unreviewed | CVE-2020-9391 was published May 24, 2022

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the...
Low | Unreviewed | CVE-2022-41595 was published Oct 14, 2022

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to...
Low | Unreviewed | CVE-2020-8937 was published May 24, 2022

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to...
Low | Unreviewed | CVE-2020-8938 was published May 24, 2022

Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may...
Low | Unreviewed | CVE-2021-34397 was published May 24, 2022

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range...
Low | Unreviewed | CVE-2020-10029 was published May 24, 2022

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a...
Low | Unreviewed | CVE-2020-15306 was published May 24, 2022

Denial of Service via stack overflow
Low | CVE-2022-40155 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 • withdrawn

Denial of Service via stack overflow
Low | CVE-2022-40154 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 • withdrawn

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted...
Low | Unreviewed | CVE-2022-31699 was published Dec 13, 2022

In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame...
Low | Unreviewed | CVE-2020-13361 was published May 24, 2022

The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on...
Low | Unreviewed | CVE-2010-1451 was published May 2, 2022

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer...
Low | Unreviewed | CVE-2019-18391 was published May 24, 2022

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python...
Low | Unreviewed | CVE-2018-1000030 was published May 13, 2022

Denial of service in Tendermint
Low | CVE-2020-5303 was published for github.com/tendermint/tendermint (Go) May 27, 2021

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has...
Low | Unreviewed | CVE-2020-13398 was published May 24, 2022

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability...
Low | Unreviewed | CVE-2021-36054 was published May 24, 2022

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a...
Low | Unreviewed | CVE-2023-4016 was published Aug 2, 2023

wasmtime_trap_code C API function has out of bounds write vulnerability
Low | CVE-2022-39394 was published for wasmtime (Rust) Feb 1, 2024

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in...
Low | Unreviewed | CVE-2024-2971 was published Mar 27, 2024

ProTip! Advisories are also available from the GraphQL API.