GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,303
Erlang: 31
GitHub Actions: 21
Go: 2,071
Maven: 5,000+
npm: 3,744
NuGet: 669
pip: 3,430
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,890 advisories
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in ...
Moderate | Unreviewed | CVE-2021-45830 was published Jan 6, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at hdf5/src/H5Eint.c,...
Moderate | Unreviewed | CVE-2021-45832 was published Jan 6, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the...
Moderate | Unreviewed | CVE-2021-45833 was published Jan 6, 2022
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1...
Moderate | Unreviewed | CVE-2021-35093 was published Jan 4, 2022
uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::__1::pair<unsigned int, void...
Moderate | Unreviewed | CVE-2021-45945 was published Jan 2, 2022
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and...
Moderate | Unreviewed | CVE-2021-45929 was published Jan 2, 2022
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and...
Moderate | Unreviewed | CVE-2021-45946 was published Jan 2, 2022
Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and...
Moderate | Unreviewed | CVE-2021-45947 was published Jan 2, 2022
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in...
Moderate | Unreviewed | CVE-2021-45948 was published Jan 2, 2022
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private ...
Moderate | Unreviewed | CVE-2021-45950 was published Jan 2, 2022
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish ...
Moderate | Unreviewed | CVE-2021-45949 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from...
Moderate | Unreviewed | CVE-2021-45936 was published Jan 2, 2022
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from...
Moderate | Unreviewed | CVE-2021-45935 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate | Unreviewed | CVE-2021-45934 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called...
Moderate | Unreviewed | CVE-2021-45933 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate | Unreviewed | CVE-2021-45937 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called...
Moderate | Unreviewed | CVE-2021-45932 was published Jan 2, 2022
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds...
Moderate | Unreviewed | CVE-2021-45928 was published Jan 2, 2022
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from...
Moderate | Unreviewed | CVE-2021-45931 was published Jan 2, 2022
OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask:...
Moderate | Unreviewed | CVE-2021-45942 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate | Unreviewed | CVE-2021-45939 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate | Unreviewed | CVE-2021-45938 was published Jan 2, 2022
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called...
Moderate | Unreviewed | CVE-2021-45940 was published Jan 2, 2022
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called...
Moderate | Unreviewed | CVE-2021-45941 was published Jan 2, 2022
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile ...
Moderate | Unreviewed | CVE-2021-45943 was published Jan 2, 2022
ProTip! Advisories are also available from the GraphQL API.