GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
5,154 advisories

Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Moderate | CVE-2024-10846 was published for github.com/compose-spec/compose-go/v2 (Go) Jan 21, 2025

There is an information disclosure vulnerability in the GoldenDB database product. Attackers can...
Moderate | Unreviewed | CVE-2025-46574 was published Apr 27, 2025

In ccci, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32634 was published Dec 5, 2022

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32631 was published Dec 5, 2022

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32632 was published Dec 5, 2022

LMDeploy Improper Input Validation Vulnerability
Moderate | CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025

tar-split memory exhaustion
Moderate | CVE-2017-14992 was published for github.com/vbatts/tar-split (Go) May 17, 2022

An issue in code signature validation was addressed with improved checks. This issue is fixed in...
Moderate | Unreviewed | CVE-2022-42793 was published Nov 2, 2022

In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds...
Moderate | Unreviewed | CVE-2022-20569 was published Dec 21, 2022

An improper input validation vulnerability is identified in the End of Life (EOL) OVA based...
Moderate | Unreviewed | CVE-2025-3837 was published Apr 21, 2025

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10...
Moderate | Unreviewed | CVE-2017-7154 was published May 14, 2022

In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a...
Moderate | Unreviewed | CVE-2017-17810 was published May 14, 2022

SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7...
Moderate | Unreviewed | CVE-2017-16691 was published May 14, 2022

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it...
Moderate | Unreviewed | CVE-2017-17862 was published May 14, 2022

Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV...
Moderate | Unreviewed | CVE-2017-16951 was published May 13, 2022

KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file.
Moderate | Unreviewed | CVE-2017-16952 was published May 17, 2022

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a...
Moderate | Unreviewed | CVE-2017-14583 was published May 14, 2022

The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma...
Moderate | Unreviewed | CVE-2017-15270 was published May 14, 2022

NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are...
Moderate | Unreviewed | CVE-2017-11461 was published May 17, 2022

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via...
Moderate | Unreviewed | CVE-2017-16637 was published May 17, 2022

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set...
Moderate | Unreviewed | CVE-2015-1835 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1...
Moderate | Unreviewed | CVE-2017-13849 was published May 14, 2022

A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an...
Moderate | Unreviewed | CVE-2017-12285 was published May 13, 2022

FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing...
Moderate | Unreviewed | CVE-2014-9678 was published May 17, 2022

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows...
Moderate | Unreviewed | CVE-2016-9263 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.