Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of... High Unreviewed
CVE-2021-21938 was published Apr 15, 2022
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before... High Unreviewed
CVE-2003-0252 was published Apr 29, 2022
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to... High Unreviewed
CVE-2003-0356 was published Apr 29, 2022
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and... High Unreviewed
CVE-2004-0005 was published Apr 29, 2022
Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows... High Unreviewed
CVE-2004-0346 was published Apr 29, 2022
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by... High Unreviewed
CVE-2019-3813 was published Apr 30, 2022
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to... High Unreviewed
CVE-2001-0609 was published Apr 30, 2022
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows... High Unreviewed
CVE-2001-1496 was published Apr 30, 2022
Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier... High Unreviewed
CVE-2002-1816 was published Apr 30, 2022
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in... High Unreviewed
CVE-2010-3454 was published May 13, 2022
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one... High Unreviewed
CVE-2018-14682 was published May 13, 2022
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in... High Unreviewed
CVE-2010-1773 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by... High Unreviewed
CVE-2017-9720 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite... High Unreviewed
CVE-2018-7329 was published May 13, 2022
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when... High Unreviewed
CVE-2018-9860 was published May 13, 2022
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the... High Unreviewed
CVE-2019-10131 was published May 24, 2022
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of... High Unreviewed
CVE-2019-18423 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial... High Unreviewed
CVE-2020-29040 was published May 24, 2022
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via ... High Unreviewed
CVE-2021-3156 was published May 24, 2022
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c.... High Unreviewed
CVE-2020-27793 was published Aug 20, 2022
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to... High Unreviewed
CVE-2021-3999 was published Aug 25, 2022
off-by-one in io_uring module. High Unreviewed
CVE-2022-3103 was published Sep 27, 2022
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading... High Unreviewed
CVE-2022-3872 was published Nov 8, 2022
Apache Tomcat - Fix for CVE-2023-24998 was incomplete High
CVE-2023-28709 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 6, 2023
westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database