GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
41 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: don't allow...
High
Unreviewed
CVE-2024-41011
was published
Jul 18, 2024
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of...
High
Unreviewed
CVE-2024-6287
was published
Jun 24, 2024
A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the...
High
Unreviewed
CVE-2023-2423
was published
Aug 8, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before...
High
Unreviewed
CVE-2023-35848
was published
Jun 19, 2023
Frontier's modexp precompile is slow for even modulus
High
CVE-2023-28431
was published
for
pallet-evm-precompile-modexp
(Rust)
Mar 21, 2023
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars
High
CVE-2023-24533
was published
for
filippo.io/nistec
(Go)
Mar 1, 2023
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti...
High
Unreviewed
CVE-2022-35258
was published
Dec 6, 2022
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1...
High
Unreviewed
CVE-2022-36795
was published
Oct 20, 2022
OpenZeppelin Contracts's GovernorVotesQuorumFraction updates to quorum may affect past defeated proposals
High
CVE-2022-31198
was published
for
@openzeppelin/contracts
(npm)
Aug 18, 2022
Uncontrolled Resource Consumption in fast-string-search
High
CVE-2022-22138
was published
for
fast-string-search
(npm)
Jun 18, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-31440
was published
May 24, 2022
A vulnerability has been identified in SCALANCE XM-400 Family (All versions < V6.4), SCALANCE XR...
High
Unreviewed
CVE-2020-28393
was published
May 24, 2022
The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an...
High
Unreviewed
CVE-2021-3004
was published
May 24, 2022
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to...
High
Unreviewed
CVE-2020-0022
was published
May 24, 2022
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading...
High
Unreviewed
CVE-2019-17514
was published
May 24, 2022
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before...
High
Unreviewed
CVE-2019-5607
was published
May 24, 2022
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode...
High
Unreviewed
CVE-2017-0342
was published
May 17, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point...
High
Unreviewed
CVE-2018-14439
was published
May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA...
High
Unreviewed
CVE-2017-9725
was published
May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest...
High
Unreviewed
CVE-2017-8905
was published
May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type...
High
Unreviewed
CVE-2017-8326
was published
May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission...
High
Unreviewed
CVE-2017-13288
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android...
High
Unreviewed
CVE-2017-13151
was published
May 13, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS...
High
Unreviewed
CVE-2017-12134
was published
May 13, 2022
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1...
High
Unreviewed
CVE-2017-0819
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API