GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
496 advisories
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level...
Critical | Unreviewed | CVE-2019-17040 was published May 24, 2022
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid...
Critical | Unreviewed | CVE-2019-16411 was published May 24, 2022
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 ...
Critical | Unreviewed | CVE-2019-15699 was published May 24, 2022
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the...
Critical | Unreviewed | CVE-2019-16410 was published May 24, 2022
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x...
Critical | Unreviewed | CVE-2019-5521 was published May 24, 2022
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension...
Critical | Unreviewed | CVE-2019-11926 was published May 24, 2022
Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension...
Critical | Unreviewed | CVE-2019-11925 was published May 24, 2022
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the...
Critical | Unreviewed | CVE-2019-15926 was published May 24, 2022
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before...
Critical | Unreviewed | CVE-2019-5608 was published May 24, 2022
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src...
Critical | Unreviewed | CVE-2019-15651 was published May 24, 2022
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds...
Critical | Unreviewed | CVE-2019-15505 was published May 24, 2022
stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load,...
Critical | Unreviewed | CVE-2019-15058 was published May 24, 2022
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660...
Critical | Unreviewed | CVE-2019-14531 was published May 24, 2022
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of...
Critical | Unreviewed | CVE-2019-14463 was published May 24, 2022
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of...
Critical | Unreviewed | CVE-2019-14462 was published May 24, 2022
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at...
Critical | Unreviewed | CVE-2019-14197 was published May 24, 2022
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function...
Critical | Unreviewed | CVE-2015-9290 was published May 24, 2022
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before...
Critical | Unreviewed | CVE-2019-5604 was published May 24, 2022
Possible out of bound read occurs while processing beaconing request due to lack of check on...
Critical | Unreviewed | CVE-2019-2276 was published May 24, 2022
Out of bound access when reason code is extracted from frame data without validating the frame...
Critical | Unreviewed | CVE-2019-2305 was published May 24, 2022
Possible integer underflow due to lack of validation before calculation of data length in 802.11...
Critical | Unreviewed | CVE-2019-2307 was published May 24, 2022
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has...
Critical | Unreviewed | CVE-2019-13962 was published May 24, 2022
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
Critical | Unreviewed | CVE-2019-13470 was published May 24, 2022
njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c....
Critical | Unreviewed | CVE-2019-13067 was published May 24, 2022
Function iconv_mime_decode_headers() in versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x...
Critical | Unreviewed | CVE-2019-11039 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.