Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to... High Unreviewed
CVE-2020-0022 was published May 24, 2022
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti... High Unreviewed
CVE-2022-35258 was published Dec 6, 2022
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Incorrect Calculation in moodle Critical
CVE-2022-30600 was published for moodle/moodle (Composer) May 19, 2022
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Incorrect Calculation and Use of Insufficiently Random Values in Python Moderate Unreviewed
CVE-2020-14422 was published May 11, 2021
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R)... Moderate Unreviewed
CVE-2022-33972 was published Feb 16, 2023
OpenZeppelin Contracts contains Incorrect Calculation Moderate
CVE-2023-26488 was published for @openzeppelin/contracts (npm) Mar 3, 2023
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are... Moderate Unreviewed
CVE-2011-1573 was published May 13, 2022
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr... Moderate Unreviewed
CVE-2017-2618 was published May 13, 2022
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,... High Unreviewed
CVE-2022-23011 was published Jan 26, 2022
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all... Moderate Unreviewed
CVE-2022-23028 was published Jan 26, 2022
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1... High Unreviewed
CVE-2022-36795 was published Oct 20, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point... High Unreviewed
CVE-2018-14439 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA... High Unreviewed
CVE-2017-9725 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission... High Unreviewed
CVE-2017-13288 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android... High Unreviewed
CVE-2017-13151 was published May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point... Moderate Unreviewed
CVE-2017-11537 was published May 13, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS... High Unreviewed
CVE-2017-12134 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database