GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,823 advisories
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private ...
Moderate
Unreviewed
CVE-2021-45950 was published Jan 2, 2022
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish ...
Moderate
Unreviewed
CVE-2021-45949 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called...
Moderate
Unreviewed
CVE-2021-45933 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate
Unreviewed
CVE-2021-45934 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate
Unreviewed
CVE-2021-45937 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called...
Moderate
Unreviewed
CVE-2021-45932 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from...
Moderate
Unreviewed
CVE-2021-45936 was published Jan 2, 2022
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from...
Moderate
Unreviewed
CVE-2021-45935 was published Jan 2, 2022
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from...
Moderate
Unreviewed
CVE-2021-45931 was published Jan 2, 2022
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds...
Moderate
Unreviewed
CVE-2021-45928 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate
Unreviewed
CVE-2021-45938 was published Jan 2, 2022
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from...
Moderate
Unreviewed
CVE-2021-45939 was published Jan 2, 2022
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called...
Moderate
Unreviewed
CVE-2021-45940 was published Jan 2, 2022
OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask:...
Moderate
Unreviewed
CVE-2021-45942 was published Jan 2, 2022
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called...
Moderate
Unreviewed
CVE-2021-45941 was published Jan 2, 2022
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile ...
Moderate
Unreviewed
CVE-2021-45943 was published Jan 2, 2022
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user....
Moderate
Unreviewed
CVE-2021-45604 was published Dec 27, 2021
A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function,...
Moderate
Unreviewed
CVE-2021-45258 was published Dec 23, 2021
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability...
Moderate
Unreviewed
CVE-2021-43024 was published Dec 21, 2021
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2021-0894 was published Dec 18, 2021
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2021-0897 was published Dec 18, 2021
In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a...
Moderate
Unreviewed
CVE-2021-0971 was published Dec 16, 2021
In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an...
Moderate
Unreviewed
CVE-2021-0977 was published Dec 16, 2021
In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap...
Moderate
Unreviewed
CVE-2021-1001 was published Dec 16, 2021
In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect...
Moderate
Unreviewed
CVE-2021-39652 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API.