Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
Incomplete validation in boosted trees code Critical
CVE-2021-41208 was published for tensorflow (pip) Nov 10, 2021
An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers... Critical Unreviewed
CVE-2023-46427 was published Mar 9, 2024
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda... Critical Unreviewed
CVE-2024-23080 was published Apr 10, 2024
An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial... Critical Unreviewed
CVE-2023-47003 was published Nov 16, 2023
An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial... Critical Unreviewed
CVE-2024-31030 was published May 31, 2024
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org... Critical Unreviewed
CVE-2024-23078 was published Apr 8, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new... Critical Unreviewed
CVE-2024-35960 was published May 20, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU... Critical Unreviewed
CVE-2024-27053 was published May 1, 2024
In libarchive 3.6.1, the software does not check for an error after calling calloc function that... Critical Unreviewed
CVE-2022-36227 was published Nov 22, 2022
The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in... Critical Unreviewed
CVE-2022-36648 was published Aug 22, 2023
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption Critical
CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022
Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can... Critical Unreviewed
CVE-2021-35068 was published Feb 12, 2022
An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy... Critical Unreviewed
CVE-2023-23087 was published Feb 3, 2023
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. Critical Unreviewed
CVE-2019-16092 was published May 24, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer... Critical Unreviewed
CVE-2015-9038 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not... Critical Unreviewed
CVE-2015-8592 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer... Critical Unreviewed
CVE-2015-9054 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted... Critical Unreviewed
CVE-2015-9072 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted... Critical Unreviewed
CVE-2015-9073 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out... Critical Unreviewed
CVE-2016-10344 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer... Critical Unreviewed
CVE-2015-9043 was published May 17, 2022
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU... Critical Unreviewed
CVE-2017-7614 was published May 17, 2022
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows... Critical Unreviewed
CVE-2017-10917 was published May 17, 2022
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps,... Critical Unreviewed
CVE-2017-10965 was published May 17, 2022
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570... Critical Unreviewed
CVE-2017-17464 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database