GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
111 advisories
`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was...
Critical | Unreviewed | CVE-2024-11705 was published Nov 26, 2024

Incomplete validation in boosted trees code
Critical | CVE-2021-41208 was published for tensorflow (pip) Nov 10, 2021

An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers...
Critical | Unreviewed | CVE-2023-46427 was published Mar 9, 2024

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda...
Critical | Unreviewed | CVE-2024-23080 was published Apr 10, 2024

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial...
Critical | Unreviewed | CVE-2023-47003 was published Nov 16, 2023

An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial...
Critical | Unreviewed | CVE-2024-31030 was published May 31, 2024

JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org...
Critical | Unreviewed | CVE-2024-23078 was published Apr 8, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new...
Critical | Unreviewed | CVE-2024-35960 was published May 20, 2024

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU...
Critical | Unreviewed | CVE-2024-27053 was published May 1, 2024

In libarchive 3.6.1, the software does not check for an error after calling calloc function that...
Critical | Unreviewed | CVE-2022-36227 was published Nov 22, 2022

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in...
Critical | Unreviewed | CVE-2022-36648 was published Aug 22, 2023

ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
Critical | CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can...
Critical | Unreviewed | CVE-2021-35068 was published Feb 12, 2022

An issue was found in MojoJson v1.2.3 allows attackers to execute arbitrary code via the destroy...
Critical | Unreviewed | CVE-2023-23087 was published Feb 3, 2023

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
Critical | Unreviewed | CVE-2019-16092 was published May 24, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not...
Critical | Unreviewed | CVE-2015-8592 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer...
Critical | Unreviewed | CVE-2015-9038 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer...
Critical | Unreviewed | CVE-2015-9054 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted...
Critical | Unreviewed | CVE-2015-9072 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted...
Critical | Unreviewed | CVE-2015-9073 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out...
Critical | Unreviewed | CVE-2016-10344 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer...
Critical | Unreviewed | CVE-2015-9043 was published May 17, 2022

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU...
Critical | Unreviewed | CVE-2017-7614 was published May 17, 2022

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows...
Critical | Unreviewed | CVE-2017-10917 was published May 17, 2022

An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps,...
Critical | Unreviewed | CVE-2017-10965 was published May 17, 2022