GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,245

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

56 advisories

Filter by severity

Sort by

Least recently updated

An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in... Moderate Unreviewed

CVE-2020-27797 was published Aug 26, 2022

An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX... Moderate Unreviewed

CVE-2020-27798 was published Aug 26, 2022

Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed

CVE-2022-37451 was published Aug 7, 2022

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using... Critical Unreviewed

CVE-2022-31625 was published Jun 17, 2022

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed

CVE-2020-12963 was published May 24, 2022

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and... Critical Unreviewed

CVE-2021-42377 was published May 24, 2022

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed

CVE-2021-3939 was published May 24, 2022

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed

CVE-2021-3682 was published May 24, 2022

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed

CVE-2021-28216 was published May 24, 2022

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed

CVE-2020-36404 was published May 24, 2022

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed

CVE-2021-22760 was published May 24, 2022

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Critical Unreviewed

CVE-2021-30473 was published May 24, 2022

An invalid free in Thrift's table-based serialization can cause the application to crash or... Critical Unreviewed

CVE-2021-24028 was published May 24, 2022

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed

CVE-2020-36224 was published May 24, 2022

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through... Moderate Unreviewed

CVE-2020-28941 was published May 24, 2022

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed

CVE-2020-5139 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed

CVE-2020-15673 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed... High Unreviewed

CVE-2020-15674 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these... High Unreviewed

CVE-2020-15670 was published May 24, 2022

lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a... Moderate Unreviewed

CVE-2020-24371 was published May 24, 2022

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid... Moderate Unreviewed

CVE-2019-20170 was published May 24, 2022

An invalid free in mb_detect_order can cause the application to crash or potentially result in... High Unreviewed

CVE-2019-11930 was published May 24, 2022

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local... High Unreviewed

CVE-2017-18075 was published May 13, 2022

A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product:... High Unreviewed

CVE-2017-0731 was published May 13, 2022

In really_install_package of install.cpp, there is a possible free of arbitrary memory due to... High Unreviewed

CVE-2018-9557 was published May 13, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

56 advisories