Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+

37 advisories

Loading
Incorrect Calculation and Use of Insufficiently Random Values in Python Moderate Unreviewed
CVE-2020-14422 was published May 11, 2021
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
missing clamps for decimal args in external functions Moderate
CVE-2021-41122 was published for vyper (pip) Oct 6, 2021
Segfault due to negative splits in `SplitV` Moderate
CVE-2021-41222 was published for tensorflow (pip) Nov 10, 2021
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all... Moderate Unreviewed
CVE-2022-23028 was published Jan 26, 2022
Incorrect Calculation in github.com/open-policy-agent/opa Moderate
CVE-2022-23628 was published for github.com/open-policy-agent/opa (Go) Feb 9, 2022
johanneslarsson
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel... Moderate Unreviewed
CVE-2022-29978 was published May 12, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote... Moderate Unreviewed
CVE-2016-7433 was published May 13, 2022
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE... Moderate Unreviewed
CVE-2018-16781 was published May 13, 2022
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are... Moderate Unreviewed
CVE-2011-1573 was published May 13, 2022
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote... Moderate Unreviewed
CVE-2011-3062 was published May 13, 2022
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr... Moderate Unreviewed
CVE-2017-2618 was published May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point... Moderate Unreviewed
CVE-2017-11537 was published May 13, 2022
A flaw in DRBG number generation within the Network Security Services (NSS) library where the... Moderate Unreviewed
CVE-2017-5462 was published May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that... Moderate Unreviewed
CVE-2016-9377 was published May 17, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a... Moderate Unreviewed
CVE-2020-27616 was published May 24, 2022
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect... Moderate Unreviewed
CVE-2021-3114 was published May 24, 2022
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read... Moderate Unreviewed
CVE-2021-29945 was published May 24, 2022
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events... Moderate Unreviewed
CVE-2021-34573 was published May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16346 was published May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16347 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database