Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,996
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,545
NuGet
620
pip
3,136
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,331 advisories

Loading
Out-of-bounds Read in base64-url High
GHSA-j4mr-9xw3-c9jx was published for base64-url (npm) May 31, 2019
Out-of-bounds Read in concat-with-sourcemaps Moderate
GHSA-2xv3-h762-ccxv was published for concat-with-sourcemaps (npm) May 29, 2019
Out-of-bounds Read in npmconf Moderate
GHSA-57cf-349j-352g was published for npmconf (npm) Jun 12, 2019
Out-of-bounds Read in byte Moderate
GHSA-xm7f-x4wx-wmgv was published for byte (npm) Jun 4, 2019
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory. Moderate
CVE-2018-21233 was published for tensorflow (pip) May 13, 2020
Denial of Service in https-proxy-agent Critical
CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018
kurt-r2c
Out-of-bounds Read in njwt Low
GHSA-g3qw-9pgp-xpj4 was published for njwt (npm) Sep 1, 2020
Heap out of bounds access in MakeEdge in TensorFlow Low
CVE-2020-26271 was published for tensorflow (pip) Dec 10, 2020
Out-of-Bounds read in stringstream Moderate
GHSA-qpw2-xchm-655q was published for stringstream (npm) Jan 6, 2022 withdrawn
Out-of-bounds Read in OpenCV High
CVE-2017-18009 was published for opencv-contrib-python (pip) Oct 12, 2021
Out of bounds read in bumpalo High
CVE-2020-35861 was published for bumpalo (Rust) Aug 25, 2021
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted... Moderate Unreviewed
CVE-2019-20021 was published May 24, 2022
Memory access due to code generation flaw in Cranelift module High
CVE-2021-32629 was published for cranelift-codegen (Rust) Aug 25, 2021
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read... Moderate Unreviewed
CVE-2018-4933 was published May 14, 2022
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One ... High Unreviewed
CVE-2022-21219 was published Mar 11, 2022
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam... Moderate Unreviewed
CVE-2021-32434 was published Mar 11, 2022
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote... Moderate Unreviewed
CVE-2021-32436 was published Mar 11, 2022
Adobe Photoshop versions 23.1.1 (and earlier) and 22.5.5 (and earlier) are affected by an out-of... Moderate Unreviewed
CVE-2022-24090 was published Mar 12, 2022
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c... Moderate Unreviewed
CVE-2021-34342 was published Mar 11, 2022
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function... Critical Unreviewed
CVE-2021-33293 was published Mar 11, 2022
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile... Moderate Unreviewed
CVE-2021-34341 was published Mar 11, 2022
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40050 was published Mar 11, 2022
Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when... High Unreviewed
CVE-2021-42720 was published Mar 17, 2022
Adobe Character Animator version 4.4 (and earlier versions) are affected by an out-of-bounds read... Low Unreviewed
CVE-2021-40769 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API