Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,437 advisories

Loading
A vulnerability, which was classified as critical, has been found in Exiv2. Affected by this... Critical Unreviewed
CVE-2022-3717 was published Oct 27, 2022
A vulnerability has been found in Exiv2 and classified as critical. This vulnerability affects... Critical Unreviewed
CVE-2022-3719 was published Oct 27, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of... Critical Unreviewed
CVE-2022-36938 was published Nov 11, 2022
Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions... Critical Unreviewed
CVE-2022-29486 was published Nov 11, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon... Critical Unreviewed
CVE-2022-24937 was published Nov 14, 2022
The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap... Critical Unreviewed
CVE-2022-4291 was published Dec 8, 2022
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code... Critical Unreviewed
CVE-2021-3942 was published Dec 12, 2022
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the... Critical Unreviewed
CVE-2020-36619 was published Dec 19, 2022
Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A Critical Unreviewed
CVE-2022-42529 was published Dec 21, 2022
A vulnerability, which was classified as critical, has been found in sslh. This issue affects the... Critical Unreviewed
CVE-2022-4639 was published Dec 22, 2022
Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla... Critical Unreviewed
CVE-2022-31748 was published Dec 22, 2022
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported... Critical Unreviewed
CVE-2022-31747 was published Dec 22, 2022
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register... Critical Unreviewed
CVE-2022-31740 was published Dec 22, 2022
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid... Critical Unreviewed
CVE-2022-3715 was published Jan 5, 2023
Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when... Critical Unreviewed
CVE-2022-43762 was published Feb 8, 2023
Pre-auth memory corruption in HPE Serviceguard Critical Unreviewed
CVE-2022-37937 was published Mar 1, 2023
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote... Critical Unreviewed
CVE-2023-1529 was published Mar 21, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2022-2848 was published Mar 29, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused... Critical Unreviewed
CVE-2023-27284 was published Apr 2, 2023
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused... Critical Unreviewed
CVE-2023-27286 was published Apr 2, 2023
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow... Critical Unreviewed
CVE-2021-33797 was published Apr 18, 2023
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which... Critical Unreviewed
CVE-2021-46760 was published May 9, 2023
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP... Critical Unreviewed
CVE-2023-35871 was published Jul 11, 2023
All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted... Critical Unreviewed
CVE-2023-1437 was published Aug 3, 2023
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Critical Unreviewed
CVE-2023-28581 was published Sep 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database