Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,873
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

114 advisories

Loading
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer... Moderate Unreviewed
CVE-2025-54349 was published Aug 3, 2025
Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in... Moderate Unreviewed
CVE-2025-52497 was published Jul 4, 2025
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in... Moderate Unreviewed
CVE-2024-31585 was published Apr 17, 2024
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status... Moderate Unreviewed
CVE-2025-47711 was published Jun 9, 2025
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects... Critical Unreviewed
CVE-2021-46848 was published Oct 24, 2022
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading... High Unreviewed
CVE-2022-3872 was published Nov 8, 2022
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.... Moderate Unreviewed
CVE-2022-3821 was published Nov 9, 2022
Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86_64 Low
CVE-2023-41880 was published for wasmtime (Rust) Sep 14, 2023
afonso360
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64 Low
CVE-2023-27477 was published for cranelift-codegen (Rust) Mar 9, 2023
afonso360
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by... Moderate Unreviewed
CVE-2025-37893 was published Apr 18, 2025
GoBGP does not verify that the input length Moderate
CVE-2025-43973 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
GoBGP panics due to a zero value for softwareVersionLen High
CVE-2025-43971 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and... Critical Unreviewed
CVE-2016-10160 was published May 14, 2022
An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. It allows... High Unreviewed
CVE-2022-47517 was published Dec 18, 2022
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in... Moderate Unreviewed
CVE-2022-49365 was published Apr 14, 2025
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when... Moderate Unreviewed
CVE-2024-1441 was published Mar 11, 2024
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2... Moderate Unreviewed
CVE-2007-2052 was published May 1, 2022
httpd.c in atophttpd 2.8.0 has an off-by-one error and resultant out-of-bounds read because a... Moderate Unreviewed
CVE-2025-30742 was published Mar 26, 2025
Off-by-one error vulnerability in the transmission component in Synology Replication Service... Critical Unreviewed
CVE-2024-10442 was published Mar 19, 2025
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix... Moderate Unreviewed
CVE-2024-53163 was published Dec 24, 2024
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx-... Moderate Unreviewed
CVE-2024-26766 was published Apr 3, 2024
sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap... High Unreviewed
CVE-2024-57259 was published Feb 19, 2025
Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an... Moderate Unreviewed
CVE-2024-48854 was published Jan 14, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes... Moderate Unreviewed
CVE-2024-56720 was published Dec 29, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix... Moderate Unreviewed
CVE-2024-53149 was published Dec 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database