Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,852 advisories

Loading
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in... Moderate Unreviewed
CVE-2021-45948 was published Jan 2, 2022
uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::__1::pair<unsigned int, void... Moderate Unreviewed
CVE-2021-45945 was published Jan 2, 2022
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and... Moderate Unreviewed
CVE-2021-45929 was published Jan 2, 2022
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1... Moderate Unreviewed
CVE-2021-35093 was published Jan 4, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the... Moderate Unreviewed
CVE-2021-45833 was published Jan 6, 2022
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in ... Moderate Unreviewed
CVE-2021-45830 was published Jan 6, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c,... Moderate Unreviewed
CVE-2021-45832 was published Jan 6, 2022
Out-of-bounds Write in nix Moderate
CVE-2021-45707 was published for nix (Rust) Jan 6, 2022
Polyhistorian
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward... Moderate Unreviewed
CVE-2022-22707 was published Jan 7, 2022
A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function. Moderate Unreviewed
CVE-2021-46050 was published Jan 11, 2022
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful... Moderate Unreviewed
CVE-2021-40009 was published Jan 11, 2022
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function... Moderate Unreviewed
CVE-2021-36410 was published Jan 12, 2022
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the... Moderate Unreviewed
CVE-2021-37530 was published Jan 13, 2022
Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c. Moderate Unreviewed
CVE-2021-46168 was published Jan 15, 2022
UltraJSON vulnerable to Out-of-bounds Write Moderate
CVE-2021-45958 was published for ujson (pip) Jan 21, 2022
JustAnotherArchivist
GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at... Moderate Unreviewed
CVE-2021-46238 was published Jan 22, 2022
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src... Moderate Unreviewed
CVE-2021-46480 was published Jan 26, 2022
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c.... Moderate Unreviewed
CVE-2021-46478 was published Jan 26, 2022
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src... Moderate Unreviewed
CVE-2021-46475 was published Jan 26, 2022
Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src... Moderate Unreviewed
CVE-2021-46477 was published Jan 26, 2022
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c... Moderate Unreviewed
CVE-2021-46474 was published Jan 26, 2022
Jsish v3.5.0 was discovered to contain a stack overflow via Jsi_LogMsg at src/jsiUtils.c. Moderate Unreviewed
CVE-2021-46507 was published Jan 28, 2022
Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so... Moderate Unreviewed
CVE-2021-46505 was published Jan 28, 2022
Out-of-bounds Write in iText Moderate
CVE-2022-24197 was published for com.itextpdf:itext7-core (Maven) Feb 2, 2022
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate... Moderate Unreviewed
CVE-2021-45930 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database