GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26 advisories
Filter by severity
Incorrect Calculation and Use of Insufficiently Random Values in Python
Moderate
Unreviewed
CVE-2020-14422
was published
May 11, 2021
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all...
Moderate
Unreviewed
CVE-2022-23028
was published
Jan 26, 2022
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel...
Moderate
Unreviewed
CVE-2022-29978
was published
May 12, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote...
Moderate
Unreviewed
CVE-2016-7433
was published
May 13, 2022
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE...
Moderate
Unreviewed
CVE-2018-16781
was published
May 13, 2022
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are...
Moderate
Unreviewed
CVE-2011-1573
was published
May 13, 2022
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote...
Moderate
Unreviewed
CVE-2011-3062
was published
May 13, 2022
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr...
Moderate
Unreviewed
CVE-2017-2618
was published
May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point...
Moderate
Unreviewed
CVE-2017-11537
was published
May 13, 2022
A flaw in DRBG number generation within the Network Security Services (NSS) library where the...
Moderate
Unreviewed
CVE-2017-5462
was published
May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in...
Moderate
Unreviewed
CVE-2017-8932
was published
May 13, 2022
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that...
Moderate
Unreviewed
CVE-2016-9377
was published
May 17, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95....
Moderate
Unreviewed
CVE-2019-20051
was published
May 24, 2022
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a...
Moderate
Unreviewed
CVE-2020-27616
was published
May 24, 2022
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect...
Moderate
Unreviewed
CVE-2021-3114
was published
May 24, 2022
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read...
Moderate
Unreviewed
CVE-2021-29945
was published
May 24, 2022
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events...
Moderate
Unreviewed
CVE-2021-34573
was published
May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from...
Moderate
Unreviewed
CVE-2019-16347
was published
May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from...
Moderate
Unreviewed
CVE-2019-16346
was published
May 24, 2022
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R)...
Moderate
Unreviewed
CVE-2022-33972
was published
Feb 16, 2023
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-...
Moderate
Unreviewed
CVE-2023-3161
was published
Jun 12, 2023
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the...
Moderate
Unreviewed
CVE-2023-36980
was published
Sep 11, 2023
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with...
Moderate
Unreviewed
CVE-2023-43490
was published
Mar 14, 2024
In the Linux kernel, the following vulnerability has been resolved:
btrfs: zoned: fix...
Moderate
Unreviewed
CVE-2024-42231
was published
Jul 30, 2024
Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an...
Moderate
Unreviewed
CVE-2024-11176
was published
Nov 20, 2024
ProTip!
Advisories are also available from the
GraphQL API