Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

78 advisories

Loading
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed
CVE-2024-32668 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order... High Unreviewed
CVE-2024-43852 was published Aug 17, 2024
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote... High Unreviewed
CVE-2024-36136 was published Aug 14, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one... High Unreviewed
CVE-2022-48732 was published Jun 20, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Critical Unreviewed
CVE-2024-38441 was published Jun 16, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... High Unreviewed
CVE-2024-38440 was published Jun 16, 2024
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one... High Unreviewed
CVE-2022-48672 was published May 3, 2024
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-44444 was published May 3, 2024
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in... Moderate Unreviewed
CVE-2024-31585 was published Apr 17, 2024
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when... Moderate Unreviewed
CVE-2024-1441 was published Mar 11, 2024
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off... Moderate Unreviewed
CVE-2024-23849 was published Jan 23, 2024
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy... Critical Unreviewed
CVE-2023-46853 was published Oct 27, 2023
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a... High Unreviewed
CVE-2022-33064 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an... Critical Unreviewed
CVE-2023-38429 was published Jul 18, 2023
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. Moderate Unreviewed
CVE-2023-0818 was published Feb 14, 2023
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master... Moderate Unreviewed
CVE-2022-36354 was published Dec 23, 2022
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.... Moderate Unreviewed
CVE-2022-3821 was published Nov 9, 2022
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading... High Unreviewed
CVE-2022-3872 was published Nov 8, 2022
off-by-one in io_uring module. High Unreviewed
CVE-2022-3103 was published Sep 27, 2022
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to... High Unreviewed
CVE-2021-3999 was published Aug 25, 2022
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c.... High Unreviewed
CVE-2020-27793 was published Aug 20, 2022
Crow before v1.0+4 was discovered to contain a buffer overflow via the function qs_parse at... Critical Unreviewed
CVE-2022-34970 was published Aug 5, 2022
Windows Kernel Denial of Service Vulnerability. Moderate Unreviewed
CVE-2022-30155 was published Jun 16, 2022
A security issue in nginx resolver was identified, which might allow an attacker who is able to... Critical Unreviewed
CVE-2021-23017 was published May 24, 2022
In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off... Critical Unreviewed
CVE-2021-31875 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database