Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by... High Unreviewed
CVE-2024-46852 was published Sep 27, 2024
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via ... High Unreviewed
CVE-2021-3156 was published May 24, 2022
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed
CVE-2024-32668 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order... High Unreviewed
CVE-2024-43852 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one... High Unreviewed
CVE-2022-48732 was published Jun 20, 2024
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote... High Unreviewed
CVE-2024-36136 was published Aug 14, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... High Unreviewed
CVE-2024-38440 was published Jun 16, 2024
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one... High Unreviewed
CVE-2022-48672 was published May 3, 2024
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-44444 was published May 3, 2024
Apache Tomcat - Fix for CVE-2023-24998 was incomplete High
CVE-2023-28709 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 6, 2023
westonsteimel
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a... High Unreviewed
CVE-2022-33064 was published Jul 18, 2023
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and... High Unreviewed
CVE-2004-0005 was published Apr 29, 2022
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to... High Unreviewed
CVE-2001-0609 was published Apr 30, 2022
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows... High Unreviewed
CVE-2001-1496 was published Apr 30, 2022
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to... High Unreviewed
CVE-2003-0356 was published Apr 29, 2022
Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier... High Unreviewed
CVE-2002-1816 was published Apr 30, 2022
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before... High Unreviewed
CVE-2003-0252 was published Apr 29, 2022
Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows... High Unreviewed
CVE-2004-0346 was published Apr 29, 2022
incorrect storage layout for contracts containing large arrays High
CVE-2023-46247 was published for vyper (pip) Dec 13, 2023
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of... High Unreviewed
CVE-2019-18423 was published May 24, 2022
A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of... High Unreviewed
CVE-2021-21938 was published Apr 15, 2022
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to... High Unreviewed
CVE-2021-3999 was published Aug 25, 2022
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when... High Unreviewed
CVE-2018-9860 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite... High Unreviewed
CVE-2018-7329 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database