GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
Sensitive Data Exposure in msrcrypto
Critical
CVE-2018-8319
was published
for
msrcrypto
(npm)
Sep 10, 2018
Incorrect Calculation in bigint-money
Low
GHSA-9r3m-mhfm-39cm
was published
for
bigint-money
(npm)
Sep 11, 2020
Incorrect Calculation and Use of Insufficiently Random Values in Python
Moderate
Unreviewed
CVE-2020-14422
was published
May 11, 2021
Erroneous Proof of Work calculation in geth
Moderate
CVE-2020-26240
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Shallow copy bug in geth
Moderate
CVE-2020-26241
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Consensus flaw during block processing in github.com/ethereum/go-ethereum
Moderate
CVE-2020-26265
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Incorrect TCR calculation in batchLiquidateTroves() during Recovery Mode
Low
GHSA-xh2p-7p87-fhgh
was published
for
@liquity/contracts
(npm)
Aug 5, 2021
Calculation error in ark-r1cs-std
Critical
CVE-2021-38194
was published
for
ark-r1cs-std
(Rust)
Aug 25, 2021
missing clamps for decimal args in external functions
Moderate
CVE-2021-41122
was published
for
vyper
(pip)
Oct 6, 2021
Segfault due to negative splits in `SplitV`
Moderate
CVE-2021-41222
was published
for
tensorflow
(pip)
Nov 10, 2021
Incorrect Calculation in the MSR JavaScript Cryptography Library
High
CVE-2020-1026
was published
for
msrcrypto
(npm)
Jan 6, 2022
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all...
Moderate
Unreviewed
CVE-2022-23028
was published
Jan 26, 2022
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,...
High
Unreviewed
CVE-2022-23011
was published
Jan 26, 2022
Incorrect Calculation in github.com/open-policy-agent/opa
Moderate
CVE-2022-23628
was published
for
github.com/open-policy-agent/opa
(Go)
Feb 9, 2022
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts...
High
Unreviewed
CVE-2021-45960
was published
Feb 10, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
High
Unreviewed
CVE-2021-44504
was published
Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can...
High
Unreviewed
CVE-2021-44491
was published
Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can...
High
Unreviewed
CVE-2021-44490
was published
Apr 16, 2022
STB v2.27 was discovered to contain an integer shift of invalid size in the component...
High
Unreviewed
CVE-2022-28048
was published
Apr 16, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x...
High
Unreviewed
CVE-2022-26517
was published
May 6, 2022
Incorrect Calculation in solana_rbpf
Critical
CVE-2022-23066
was published
for
solana_rbpf
(Rust)
May 10, 2022
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel...
Moderate
Unreviewed
CVE-2022-29978
was published
May 12, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote...
Moderate
Unreviewed
CVE-2016-7433
was published
May 13, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan...
High
Unreviewed
CVE-2018-18225
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API