GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
51 advisories
A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies...
High | Unreviewed | CVE-2022-0485 was published Aug 29, 2022
Invalid file request can crash server
High | CVE-2022-31089 was published for parse-server (npm) Jun 20, 2022
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization...
High | Unreviewed | CVE-2021-40401 was published Feb 10, 2022
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response...
High | Unreviewed | CVE-2022-1319 was published Sep 1, 2022
The decode program in silk-v3-decoder Version:20160922 Build By kn007 does not strictly check...
High | Unreviewed | CVE-2020-24074 was published May 24, 2022
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation...
High | Unreviewed | CVE-2019-20919 was published May 24, 2022
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The...
High | Unreviewed | CVE-2020-29569 was published May 24, 2022
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE)....
High | Unreviewed | CVE-2022-40279 was published Sep 30, 2022
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval-...
High | Unreviewed | CVE-2021-28906 was published May 24, 2022
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of...
High | Unreviewed | CVE-2021-28902 was published May 24, 2022
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of...
High | Unreviewed | CVE-2021-28904 was published May 24, 2022
OpenZeppelin Contracts's ERC165Checker may revert instead of returning false
High | CVE-2022-31170 was published for @openzeppelin/contracts (npm) Jul 21, 2022
A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a...
High | Unreviewed | CVE-2021-3673 was published May 24, 2022
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser...
High | Unreviewed | CVE-2021-34585 was published May 24, 2022
In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value...
High | Unreviewed | CVE-2021-28875 was published May 24, 2022
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional...
High | Unreviewed | CVE-2005-4360 was published May 1, 2022
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the...
High | Unreviewed | CVE-2007-5191 was published May 1, 2022
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The...
High | Unreviewed | CVE-2018-14622 was published May 13, 2022
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet...
High | Unreviewed | CVE-2019-10902 was published May 13, 2022
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not...
High | Unreviewed | CVE-2018-20216 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was...
High | Unreviewed | CVE-2018-14367 was published May 13, 2022
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to...
High | Unreviewed | CVE-2017-0599 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android....
High | Unreviewed | CVE-2017-0720 was published May 13, 2022
A denial of service vulnerability in the Android media framework (libstagefright). Product:...
High | Unreviewed | CVE-2017-0774 was published May 13, 2022