Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,983
Maven
5,000+
npm
3,701
NuGet
656
pip
3,324
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+

92 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue... High Unreviewed
CVE-2024-49880 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix... High Unreviewed
CVE-2024-49862 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by... High Unreviewed
CVE-2024-47686 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one... High Unreviewed
CVE-2024-47682 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by... High Unreviewed
CVE-2024-46852 was published Sep 27, 2024
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the... High Unreviewed
CVE-2024-32668 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order... High Unreviewed
CVE-2024-43852 was published Aug 17, 2024
An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote... High Unreviewed
CVE-2024-36136 was published Aug 14, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one... High Unreviewed
CVE-2022-48732 was published Jun 20, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... High Unreviewed
CVE-2024-38440 was published Jun 16, 2024
Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Critical Unreviewed
CVE-2024-38441 was published Jun 16, 2024
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one... High Unreviewed
CVE-2022-48672 was published May 3, 2024
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows... High Unreviewed
CVE-2023-44444 was published May 3, 2024
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in... Moderate Unreviewed
CVE-2024-31585 was published Apr 17, 2024
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when... Moderate Unreviewed
CVE-2024-1441 was published Mar 11, 2024
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off... Moderate Unreviewed
CVE-2024-23849 was published Jan 23, 2024
incorrect storage layout for contracts containing large arrays High
CVE-2023-46247 was published for vyper (pip) Dec 13, 2023
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy... Critical Unreviewed
CVE-2023-46853 was published Oct 27, 2023
Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64 Low
CVE-2023-41880 was published for wasmtime (Rust) Sep 14, 2023
afonso360
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a... High Unreviewed
CVE-2022-33064 was published Jul 18, 2023
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an... Critical Unreviewed
CVE-2023-38429 was published Jul 18, 2023
Apache Tomcat - Fix for CVE-2023-24998 was incomplete High
CVE-2023-28709 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 6, 2023
westonsteimel
redis-py Race Condition vulnerability Moderate
CVE-2023-28858 was published for redis (pip) Mar 26, 2023
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64 Low
CVE-2023-27477 was published for cranelift-codegen (Rust) Mar 9, 2023
afonso360
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. Moderate Unreviewed
CVE-2023-0818 was published Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database