GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
6,951 advisories

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There...
High | Unreviewed | CVE-2021-43305 was published Mar 16, 2022

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There...
High | Unreviewed | CVE-2021-43304 was published Mar 16, 2022

GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.
High | Unreviewed | CVE-2022-24575 was published Mar 15, 2022

GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.
High | Unreviewed | CVE-2022-24578 was published Mar 15, 2022

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.
High | Unreviewed | CVE-2022-0943 was published Mar 15, 2022

GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box.
High | Unreviewed | CVE-2022-26967 was published Mar 13, 2022

Deeply nested json in jackson-databind
High | CVE-2020-36518 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack...
High | Unreviewed | CVE-2022-24095 was published Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap...
High | Unreviewed | CVE-2022-24096 was published Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack...
High | Unreviewed | CVE-2022-24094 was published Mar 12, 2022

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out...
High | Unreviewed | CVE-2022-24097 was published Mar 12, 2022

There is a heap-based buffer overflow vulnerability in the video framework. Successful...
High | Unreviewed | CVE-2021-40060 was published Mar 11, 2022

There is a heap-based buffer overflow vulnerability in the video framework. Successful...
High | Unreviewed | CVE-2021-40058 was published Mar 11, 2022

There is a heap-based and stack-based buffer overflow vulnerability in the video framework....
High | Unreviewed | CVE-2021-40057 was published Mar 11, 2022

There is a heap-based buffer overflow vulnerability in system components. Successful exploitation...
High | Unreviewed | CVE-2021-40064 was published Mar 11, 2022

A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with...
High | Unreviewed | CVE-2022-0204 was published Mar 11, 2022

Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function...
High | Unreviewed | CVE-2021-46408 was published Mar 11, 2022

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4...
High | Unreviewed | CVE-2022-0891 was published Mar 11, 2022

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and...
High | Unreviewed | CVE-2022-0903 was published Mar 11, 2022

In video decoder, there is a possible out of bounds write due to a missing bounds check. This...
High | Unreviewed | CVE-2022-20048 was published Mar 11, 2022

In video decoder, there is a possible out of bounds write due to a missing bounds check. This...
High | Unreviewed | CVE-2022-20047 was published Mar 11, 2022

In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This...
High | Unreviewed | CVE-2022-20055 was published Mar 11, 2022

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One ...
High | Unreviewed | CVE-2022-21124 was published Mar 11, 2022

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One ...
High | Unreviewed | CVE-2022-25234 was published Mar 11, 2022

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime....
High | Unreviewed | CVE-2022-25547 was published Mar 11, 2022

ProTip! Advisories are also available from the GraphQL API.