Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

56 advisories

Loading
In really_install_package of install.cpp, there is a possible free of arbitrary memory due to... High Unreviewed
CVE-2018-9557 was published May 13, 2022
A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product:... High Unreviewed
CVE-2017-0731 was published May 13, 2022
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local... High Unreviewed
CVE-2017-18075 was published May 13, 2022
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which... Moderate Unreviewed
CVE-2021-45261 was published Dec 23, 2021
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed
CVE-2021-3682 was published May 24, 2022
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit... Moderate Unreviewed
CVE-2021-40042 was published Feb 1, 2022
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a... Moderate Unreviewed
CVE-2020-24371 was published May 24, 2022
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose()... Moderate Unreviewed
CVE-2022-2521 was published Sep 1, 2022
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and... Critical Unreviewed
CVE-2021-42377 was published May 24, 2022
There exists a use-after-free vulnerability in the Linux kernel through io_uring and the... High Unreviewed
CVE-2022-4696 was published Jan 11, 2023
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed
CVE-2021-3939 was published May 24, 2022
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for... Moderate Unreviewed
CVE-2022-46486 was published Dec 30, 2023
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Critical Unreviewed
CVE-2021-30473 was published May 24, 2022
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed
CVE-2022-42309 was published Nov 1, 2022
An invalid free in mb_detect_order can cause the application to crash or potentially result in... High Unreviewed
CVE-2019-11930 was published May 24, 2022
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping... Moderate Unreviewed
CVE-2023-31082 was published Apr 24, 2023
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer... Moderate Unreviewed
CVE-2020-27545 was published Apr 16, 2023
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an... High Unreviewed
CVE-2023-4883 was published Oct 3, 2023
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted... High Unreviewed
CVE-2022-26942 was published Oct 19, 2023
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine... High Unreviewed
CVE-2023-34312 was published Jun 1, 2023
Copy_from_user on 64-bit versions of the Linux kernel does not implement the... Moderate Unreviewed
CVE-2023-0459 was published Jul 6, 2023
Memory corruption while reading ACPI config through the user mode app. High Unreviewed
CVE-2023-43532 was published Feb 6, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in... Moderate Unreviewed
CVE-2022-48835 was published Jul 16, 2024
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay... High Unreviewed
CVE-2024-6607 was published Jul 9, 2024
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not... High Unreviewed
CVE-2022-48425 was published Mar 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database