GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,245

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

33 advisories

Filter by severity

Sort by

Least recently updated

Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a... High Unreviewed

CVE-2024-44852 was published Dec 7, 2024

nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC High

CVE-2021-21401 was published for nanopb (pip) Aug 30, 2024

In the Linux kernel, the following vulnerability has been resolved: bluetooth/hci: disallow... High Unreviewed

CVE-2024-42132 was published Jul 30, 2024

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay... High Unreviewed

CVE-2024-6607 was published Jul 9, 2024

A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09,... High Unreviewed

CVE-2024-25079 was published May 15, 2024

Memory corruption while reading ACPI config through the user mode app. High Unreviewed

CVE-2023-43532 was published Feb 6, 2024

The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted... High Unreviewed

CVE-2022-26942 was published Oct 19, 2023

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an... High Unreviewed

CVE-2023-4883 was published Oct 3, 2023

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine... High Unreviewed

CVE-2023-34312 was published Jun 1, 2023

In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not... High Unreviewed

CVE-2022-48425 was published Mar 19, 2023

There exists a use-after-free vulnerability in the Linux kernel through io_uring and the... High Unreviewed

CVE-2022-4696 was published Jan 11, 2023

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed

CVE-2022-42309 was published Nov 1, 2022

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed... High Unreviewed

CVE-2022-41691 was published Oct 20, 2022

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon... High Unreviewed

CVE-2022-25661 was published Oct 19, 2022

Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,... High Unreviewed

CVE-2022-25662 was published Oct 19, 2022

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1... High Unreviewed

CVE-2022-28203 was published Sep 20, 2022

Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed

CVE-2022-37451 was published Aug 7, 2022

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed

CVE-2020-12963 was published May 24, 2022

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed

CVE-2021-3939 was published May 24, 2022

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed

CVE-2021-28216 was published May 24, 2022

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed

CVE-2020-36404 was published May 24, 2022

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed

CVE-2021-22760 was published May 24, 2022

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed

CVE-2020-36224 was published May 24, 2022

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed

CVE-2020-5139 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed

CVE-2020-15673 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

33 advisories