GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
507 advisories
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML...
Critical | Unreviewed | CVE-2025-49796 was published Jun 16, 2025
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer...
Critical | Unreviewed | CVE-2025-57052 was published Sep 3, 2025
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.
Critical | Unreviewed | CVE-2021-30194 was published May 24, 2022
Insufficient input validation leading to memory overread on the NetScaler Management Interface...
Critical | Unreviewed | CVE-2025-5777 was published Jun 17, 2025
Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can...
Critical | Unreviewed | CVE-2024-22004 was published Apr 5, 2024
In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a...
Critical | Unreviewed | CVE-2024-47039 was published Dec 18, 2024
LuaJIT through 2.1 has an out-of-bounds read in the stack-overflow handler in lj_state.c
Critical | Unreviewed | CVE-2024-25178 was published Jul 7, 2025
An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an out-of-bounds read...
Critical | Unreviewed | CVE-2025-48706 was published Jun 20, 2025
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows...
Critical | Unreviewed | CVE-2021-42144 was published Jan 24, 2024
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of...
Critical | Unreviewed | CVE-2025-2884 was published Jun 10, 2025
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through...
Critical | Unreviewed | CVE-2021-42147 was published Jan 24, 2024
The HW_KEYMASTER module has a vulnerability of missing bounds check on length. Successful...
Critical | Unreviewed | CVE-2021-46839 was published Oct 14, 2022
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification...
Critical | Unreviewed | CVE-2021-46840 was published Oct 14, 2022
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980,...
Critical | Unreviewed | CVE-2025-27891 was published May 14, 2025
The HW_KEYMASTER module has a vulnerability of not verifying the data read. Successful...
Critical | Unreviewed | CVE-2022-41581 was published Oct 14, 2022
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects...
Critical | Unreviewed | CVE-2021-46848 was published Oct 24, 2022
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of...
Critical | Unreviewed | CVE-2021-42374 was published May 24, 2022
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then...
Critical | Unreviewed | CVE-2022-42905 was published Nov 7, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap...
Critical | Unreviewed | CVE-2022-46393 was published Dec 16, 2022
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx...
Critical | Unreviewed | CVE-2017-12369 was published May 13, 2022
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a...
Critical | Unreviewed | CVE-2017-16548 was published May 13, 2022
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a...
Critical | Unreviewed | CVE-2017-16840 was published May 13, 2022
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac,...
Critical | Unreviewed | CVE-2017-5053 was published May 13, 2022
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in...
Critical | Unreviewed | CVE-2017-7544 was published May 13, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png...
Critical | Unreviewed | CVE-2017-13139 was published May 13, 2022