Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Denial of service in MODEM due to improper pointer handling Moderate Unreviewed
CVE-2022-25725 was published Jan 9, 2023
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed
CVE-2022-42309 was published Nov 1, 2022
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2022-41691 was published Oct 20, 2022
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2022-25661 was published Oct 19, 2022
Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,... High Unreviewed
CVE-2022-25662 was published Oct 19, 2022
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1... High Unreviewed
CVE-2022-28203 was published Sep 20, 2022
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose()... Moderate Unreviewed
CVE-2022-2521 was published Sep 1, 2022
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX... Moderate Unreviewed
CVE-2020-27798 was published Aug 26, 2022
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in... Moderate Unreviewed
CVE-2020-27797 was published Aug 26, 2022
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed
CVE-2022-37451 was published Aug 7, 2022
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using... Critical Unreviewed
CVE-2022-31625 was published Jun 17, 2022
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed
CVE-2020-12963 was published May 24, 2022
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and... Critical Unreviewed
CVE-2021-42377 was published May 24, 2022
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed
CVE-2021-3939 was published May 24, 2022
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed
CVE-2021-3682 was published May 24, 2022
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed
CVE-2021-28216 was published May 24, 2022
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed
CVE-2020-36404 was published May 24, 2022
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed
CVE-2021-22760 was published May 24, 2022
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Critical Unreviewed
CVE-2021-30473 was published May 24, 2022
An invalid free in Thrift's table-based serialization can cause the application to crash or... Critical Unreviewed
CVE-2021-24028 was published May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed
CVE-2020-36224 was published May 24, 2022
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through... Moderate Unreviewed
CVE-2020-28941 was published May 24, 2022
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed
CVE-2020-5139 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed... High Unreviewed
CVE-2020-15674 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed
CVE-2020-15673 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database