Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

62 advisories

Loading
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. High Unreviewed
CVE-2022-24958 was published Feb 12, 2022
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1... High Unreviewed
CVE-2022-28203 was published Sep 20, 2022
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2022-41691 was published Oct 20, 2022
Denial of service in MODEM due to improper pointer handling Moderate Unreviewed
CVE-2022-25725 was published Jan 9, 2023
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid... Moderate Unreviewed
CVE-2019-20170 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these... High Unreviewed
CVE-2020-15670 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed
CVE-2020-15673 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed... High Unreviewed
CVE-2020-15674 was published May 24, 2022
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed
CVE-2020-5139 was published May 24, 2022
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed
CVE-2022-37451 was published Aug 7, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed
CVE-2020-36224 was published May 24, 2022
An invalid free in Thrift's table-based serialization can cause the application to crash or... Critical Unreviewed
CVE-2021-24028 was published May 24, 2022
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed
CVE-2021-22760 was published May 24, 2022
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed
CVE-2020-36404 was published May 24, 2022
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed
CVE-2021-28216 was published May 24, 2022
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed
CVE-2020-12963 was published May 24, 2022
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using... Critical Unreviewed
CVE-2022-31625 was published Jun 17, 2022
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through... Moderate Unreviewed
CVE-2020-28941 was published May 24, 2022
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an... Moderate Unreviewed
CVE-2015-2695 was published May 13, 2022
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a... Critical Unreviewed
CVE-2018-6836 was published May 13, 2022
In really_install_package of install.cpp, there is a possible free of arbitrary memory due to... High Unreviewed
CVE-2018-9557 was published May 13, 2022
A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product:... High Unreviewed
CVE-2017-0731 was published May 13, 2022
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local... High Unreviewed
CVE-2017-18075 was published May 13, 2022
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which... Moderate Unreviewed
CVE-2021-45261 was published Dec 23, 2021
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed
CVE-2021-3682 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database