Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,871
Erlang
29
GitHub Actions
16
Go
1,721
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
777
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8 advisories

A heap-based buffer overflow vulnerability exists in the create_png_object functionality of... Critical Unreviewed
CVE-2023-32614 was published Sep 25, 2023
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0... High Unreviewed
CVE-2022-33896 was published Oct 7, 2022
XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which... High Unreviewed
CVE-2021-36064 was published May 24, 2022
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer... Moderate Unreviewed
CVE-2018-5388 was published May 13, 2022
A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE... High Unreviewed
CVE-2022-20683 was published Apr 16, 2022
Buffer length underflow in LoginPacket causing unchecked exceptions to be thrown High
GHSA-5jfw-35xp-5m42 was published for pocketmine/bedrock-protocol (Composer) Apr 5, 2022
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. Critical Unreviewed
CVE-2021-38578 was published Mar 4, 2022
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. Critical Unreviewed
CVE-2021-38575 was published Dec 2, 2021
ProTip! Advisories are also available from the GraphQL API