Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

707 advisories

Loading
An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the... High Unreviewed
CVE-2022-22188 was published Apr 15, 2022
Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft... High Unreviewed
CVE-2021-21944 was published Apr 15, 2022
A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of... High Unreviewed
CVE-2021-21914 was published Apr 15, 2022
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image... High Unreviewed
CVE-2021-21947 was published Apr 15, 2022
A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic... High Unreviewed
CVE-2021-21948 was published Apr 15, 2022
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft... High Unreviewed
CVE-2021-21943 was published Apr 15, 2022
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image... High Unreviewed
CVE-2021-21946 was published Apr 15, 2022
Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft... High Unreviewed
CVE-2021-21945 was published Apr 15, 2022
A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of... High Unreviewed
CVE-2021-40426 was published Apr 15, 2022
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code... High Unreviewed
CVE-2022-21214 was published Apr 13, 2022
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.... Critical Unreviewed
CVE-2022-1286 was published Apr 11, 2022
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to 1.0.8. Critical Unreviewed
CVE-2022-1253 was published Apr 7, 2022
Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2... High Unreviewed
CVE-2022-1240 was published Apr 7, 2022
heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is... Moderate Unreviewed
CVE-2022-1244 was published Apr 6, 2022
Buffer Overflow in yajl-ruby Moderate
CVE-2022-24795 was published for yajl-ruby (RubyGems) Apr 5, 2022
jhawthorn
heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2. High Unreviewed
CVE-2022-1160 was published Mar 31, 2022
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5... Moderate Unreviewed
CVE-2022-1052 was published Mar 25, 2022
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2. High Unreviewed
CVE-2022-0943 was published Mar 15, 2022
Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap... High Unreviewed
CVE-2022-24096 was published Mar 12, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Critical Unreviewed
CVE-2021-42018 was published Mar 9, 2022
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. High Unreviewed
CVE-2022-0676 was published Feb 23, 2022
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-0714 was published Feb 23, 2022
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. Critical Unreviewed
CVE-2022-0631 was published Feb 19, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-46577 was published Feb 19, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-46603 was published Feb 19, 2022
ProTip! Advisories are also available from the GraphQL API