Security Advisories · google/security-research · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

FFmpeg: Heap Out-Of-Bounds Write in build_open_gop_key_points
GHSA-vhxg-9wfx-7fcj published Sep 28, 2022 by rcorrea35

High
Dell: iDRAC Locked-down Configuration Bypass
GHSA-vv3q-fxxr-mcgf published Dec 14, 2022 by rcorrea35

Moderate
KubeVirt: Arbitrary host file read from the VM
GHSA-cvx8-ppmc-78hm published Aug 9, 2022 by rcorrea35

Moderate
Bleve Library: Traversal Vulnerabilities in Create / Delete IndexHandler
GHSA-gc7p-j7x8-h873 published Oct 3, 2022 by rcorrea35

Low
Linux: LoadPin bypass via dm-verity table reload
GHSA-6vq3-w69p-w63m published Jul 11, 2022 by rcorrea35

High
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
GHSA-6m8q-r22q-vfxh published Jul 18, 2022 by rcorrea35

Moderate
Apple: Heap-based Buffer Overflow in libresolv
GHSA-6cjw-q72j-mh57 published Jun 15, 2022 by sirdarckcat

Critical
Apple: ImageIO renders uninitialized heap memory
GHSA-4gcf-xm6q-qph7 published Apr 25, 2022 by sirdarckcat

Moderate
Apache: Code execution in log4j2
GHSA-ggmf-hg75-88gg published Feb 14, 2022 by sirdarckcat

High
Node: Node.js certificate verification bypass via string injection
GHSA-qj66-5v86-jmjc published Jan 29, 2022 by sirdarckcat

Moderate