GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,096 advisories

Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp).
Critical, Unreviewed. CVE-2021-45952 was published Jan 2, 2022

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and...
Critical, Unreviewed. CVE-2021-45953 was published Jan 2, 2022

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish ...
Moderate, Unreviewed. CVE-2021-45949 was published Jan 2, 2022

LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private ...
Moderate, Unreviewed. CVE-2021-45950 was published Jan 2, 2022

Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in...
Moderate, Unreviewed. CVE-2021-45948 was published Jan 2, 2022

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and...
Moderate, Unreviewed. CVE-2021-45946 was published Jan 2, 2022

Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and...
Moderate, Unreviewed. CVE-2021-45947 was published Jan 2, 2022

uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::__1::pair<unsigned int, void...
Moderate, Unreviewed. CVE-2021-45945 was published Jan 2, 2022

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and...
Moderate, Unreviewed. CVE-2021-45929 was published Jan 2, 2022

The screen lock module has a Stack-based Buffer Overflow vulnerability. Successful exploitation of...
Critical, Unreviewed. CVE-2021-39990 was published Jan 4, 2022

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High, Unreviewed. CVE-2021-44158 was published Jan 4, 2022

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1...
Moderate, Unreviewed. CVE-2021-35093 was published Jan 4, 2022

VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware...
High, Unreviewed. CVE-2021-22045 was published Jan 5, 2022

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior...
Critical, Unreviewed. CVE-2021-24042 was published Jan 5, 2022

In vow driver, there is a possible memory corruption due to improper input validation. This could...
Moderate, Unreviewed. CVE-2022-20014 was published Jan 5, 2022

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the...
Moderate, Unreviewed. CVE-2021-45833 was published Jan 6, 2022

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at hdf5/src/H5Eint.c,...
Moderate, Unreviewed. CVE-2021-45832 was published Jan 6, 2022

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in ...
Moderate, Unreviewed. CVE-2021-45830 was published Jan 6, 2022

Out-of-bounds Write and Race Condition in metrics-util
High. CVE-2021-45704 was published for metrics-util (Rust) Jan 6, 2022

Out-of-bounds Write in derive-com-impl
High. CVE-2021-45681 was published for derive-com-impl (Rust) Jan 6, 2022

Out-of-bounds Write in actix-web
Critical. CVE-2018-25025 was published for actix-web (Rust) Jan 6, 2022

Out-of-bounds Write in actix-web
Critical. CVE-2018-25026 was published for actix-web (Rust) Jan 6, 2022

Out-of-bounds Write in actix-web
Critical. CVE-2018-25024 was published for actix-web (Rust) Jan 6, 2022

ProTip! Advisories are also available from the GraphQL API.