Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2025-3511 was published Apr 25, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has... Low Unreviewed
CVE-2025-32415 was published Apr 17, 2025
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon... Critical Unreviewed
CVE-2022-25727 was published Nov 15, 2022
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist... High Unreviewed
CVE-2022-20488 was published Dec 13, 2022
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist... High Unreviewed
CVE-2022-20491 was published Dec 13, 2022
In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource... Moderate Unreviewed
CVE-2021-0934 was published Dec 13, 2022
GoBGP crashes in the flowspec parser Moderate
CVE-2025-43972 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
GoBGP does not properly check the input length Moderate
CVE-2025-43970 was published for github.com/osrg/gobgp (Go) Apr 21, 2025
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp... Low Unreviewed
CVE-2025-43964 was published Apr 21, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2025-25178 was published Apr 4, 2025
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body... Moderate Unreviewed
CVE-2022-37312 was published Dec 26, 2022
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request... Moderate Unreviewed
CVE-2022-37311 was published Dec 26, 2022
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the... High Unreviewed
CVE-2008-1440 was published May 1, 2022
In Condition of Condition.java, there is a possible way to grant notification access due to... High Unreviewed
CVE-2022-20493 was published Jan 26, 2023
A code execution vulnerability exists in the Xiaomi Game center application product. The... High Unreviewed
CVE-2024-45351 was published Mar 26, 2025
The geofencing kernel code does not verify the length of the input data. Successful exploitation... High Unreviewed
CVE-2022-48298 was published Feb 9, 2023
The geofencing kernel code has a vulnerability of not verifying the length of the input data.... High Unreviewed
CVE-2022-48297 was published Feb 9, 2023
A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7... Moderate Unreviewed
CVE-2022-3411 was published Feb 14, 2023
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330... Moderate Unreviewed
CVE-2024-27362 was published Jul 9, 2024
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur... Moderate Unreviewed
CVE-2024-8000 was published Mar 4, 2025
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. High Unreviewed
CVE-2023-34188 was published Jun 23, 2023
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where... Low Unreviewed
CVE-2024-53879 was published Feb 25, 2025
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where... Low Unreviewed
CVE-2024-53878 was published Feb 25, 2025
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds... Moderate Unreviewed
CVE-2023-20508 was published Feb 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database