Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,152
Maven
5,000+
npm
3,816
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

89 advisories

Loading
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs Moderate
CVE-2022-31104 was published for cranelift-codegen (Rust) Jun 29, 2022
alexcrichton MaineK00n
Uncontrolled Resource Consumption in fast-string-search High
CVE-2022-22138 was published for fast-string-search (npm) Jun 18, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16346 was published May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16347 was published May 24, 2022
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events... Moderate Unreviewed
CVE-2021-34573 was published May 24, 2022
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read... Moderate Unreviewed
CVE-2021-29945 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-31440 was published May 24, 2022
A vulnerability has been identified in SCALANCE XM-400 Family (All versions < V6.4), SCALANCE XR... High Unreviewed
CVE-2020-28393 was published May 24, 2022
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect... Moderate Unreviewed
CVE-2021-3114 was published May 24, 2022
The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an... High Unreviewed
CVE-2021-3004 was published May 24, 2022
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a... Moderate Unreviewed
CVE-2020-27616 was published May 24, 2022
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to... High Unreviewed
CVE-2020-0022 was published May 24, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading... High Unreviewed
CVE-2019-17514 was published May 24, 2022
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before... High Unreviewed
CVE-2019-5607 was published May 24, 2022
Incorrect Calculation in moodle Critical
CVE-2022-30600 was published for moodle/moodle (Composer) May 19, 2022
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode... High Unreviewed
CVE-2017-0342 was published May 17, 2022
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that... Moderate Unreviewed
CVE-2016-9377 was published May 17, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point... High Unreviewed
CVE-2018-14439 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA... High Unreviewed
CVE-2017-9725 was published May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
A flaw in DRBG number generation within the Network Security Services (NSS) library where the... Moderate Unreviewed
CVE-2017-5462 was published May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission... High Unreviewed
CVE-2017-13288 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database