GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,942 advisories
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High | Unreviewed | CVE-2022-22651 was published Mar 19, 2022

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High | Unreviewed | CVE-2022-22631 was published Mar 19, 2022

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15...
High | Unreviewed | CVE-2022-22640 was published Mar 19, 2022

A memory corruption issue was addressed with improved state management. This issue is fixed in...
High | Unreviewed | CVE-2022-22633 was published Mar 19, 2022

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15...
High | Unreviewed | CVE-2022-22666 was published Mar 19, 2022

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204...
High | Unreviewed | CVE-2022-24091 was published Mar 19, 2022

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204...
High | Unreviewed | CVE-2022-24092 was published Mar 19, 2022

EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txn_test_gen_plugin.
High | Unreviewed | CVE-2022-26300 was published Mar 18, 2022

stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function...
High | Unreviewed | CVE-2022-25516 was published Mar 18, 2022

stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT()...
High | Unreviewed | CVE-2022-25514 was published Mar 18, 2022

stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG()...
High | Unreviewed | CVE-2022-25515 was published Mar 18, 2022

The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails...
High | Unreviewed | CVE-2022-25949 was published Mar 18, 2022

In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due...
High | Unreviewed | CVE-2021-39685 was published Mar 17, 2022

In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer...
High | Unreviewed | CVE-2021-39732 was published Mar 17, 2022

In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due...
High | Unreviewed | CVE-2021-39793 was published Mar 17, 2022

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based...
High | Unreviewed | CVE-2021-41987 was published Mar 17, 2022

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There...
High | Unreviewed | CVE-2021-43304 was published Mar 16, 2022

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There...
High | Unreviewed | CVE-2021-43305 was published Mar 16, 2022

GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.
High | Unreviewed | CVE-2022-24575 was published Mar 15, 2022

GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.
High | Unreviewed | CVE-2022-24578 was published Mar 15, 2022

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.
High | Unreviewed | CVE-2022-0943 was published Mar 15, 2022

GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box.
High | Unreviewed | CVE-2022-26967 was published Mar 13, 2022

Deeply nested json in jackson-databind
High | CVE-2020-36518 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack...
High | Unreviewed | CVE-2022-24095 was published Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap...
High | Unreviewed | CVE-2022-24096 was published Mar 12, 2022