GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
161 advisories
Filter by severity
Improper Locking in github.com/containers/storage
Moderate
CVE-2021-20291
was published
for
github.com/containers/storage
(Go)
May 10, 2021
Deadlock in mutually recursive `tf.function` objects
Moderate
CVE-2021-41213
was published
for
tensorflow
(pip)
Nov 10, 2021
In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a...
Moderate
Unreviewed
CVE-2021-39647
was published
Dec 16, 2021
In vow driver, there is a possible memory corruption due to improper locking. This could lead to...
Moderate
Unreviewed
CVE-2022-20016
was published
Jan 5, 2022
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within...
Moderate
Unreviewed
CVE-2021-20315
was published
Feb 19, 2022
Improper Locking in JetBrains Kotlin
Moderate
CVE-2022-24329
was published
for
org.jetbrains.kotlin:kotlin-stdlib
(Maven)
Feb 26, 2022
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It...
Moderate
Unreviewed
CVE-2021-3667
was published
Mar 4, 2022
A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due...
Moderate
Unreviewed
CVE-2021-4149
was published
Mar 24, 2022
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method...
Moderate
Unreviewed
CVE-2022-0897
was published
Mar 26, 2022
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself...
Moderate
Unreviewed
CVE-2021-4147
was published
Mar 26, 2022
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log...
Moderate
Unreviewed
CVE-2022-26356
was published
Apr 6, 2022
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on...
Moderate
Unreviewed
CVE-2004-0174
was published
Apr 29, 2022
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which...
Moderate
Unreviewed
CVE-2000-0338
was published
Apr 30, 2022
Windows 2000 allows local users to prevent the application of new group policy settings by...
Moderate
Unreviewed
CVE-2002-0051
was published
Apr 30, 2022
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a...
Moderate
Unreviewed
CVE-2002-1850
was published
Apr 30, 2022
The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2...
Moderate
Unreviewed
CVE-2005-3847
was published
May 1, 2022
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock)...
Moderate
Unreviewed
CVE-2006-2275
was published
May 1, 2022
The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to...
Moderate
Unreviewed
CVE-2006-4342
was published
May 1, 2022
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle...
Moderate
Unreviewed
CVE-2008-4302
was published
May 2, 2022
The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29...
Moderate
Unreviewed
CVE-2009-0935
was published
May 2, 2022
The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle...
Moderate
Unreviewed
CVE-2009-1388
was published
May 2, 2022
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable...
Moderate
Unreviewed
CVE-2009-2699
was published
May 2, 2022
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle...
Moderate
Unreviewed
CVE-2009-2857
was published
May 2, 2022
A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an...
Moderate
Unreviewed
CVE-2018-0381
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API