GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
32 advisories
Filter by severity
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a...
High
Unreviewed
CVE-2024-44852
was published
Dec 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
bluetooth/hci: disallow...
High
Unreviewed
CVE-2024-42132
was published
Jul 30, 2024
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay...
High
Unreviewed
CVE-2024-6607
was published
Jul 9, 2024
A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09,...
High
Unreviewed
CVE-2024-25079
was published
May 15, 2024
Memory corruption while reading ACPI config through the user mode app.
High
Unreviewed
CVE-2023-43532
was published
Feb 6, 2024
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted...
High
Unreviewed
CVE-2022-26942
was published
Oct 19, 2023
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an...
High
Unreviewed
CVE-2023-4883
was published
Oct 3, 2023
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine...
High
Unreviewed
CVE-2023-34312
was published
Jun 1, 2023
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not...
High
Unreviewed
CVE-2022-48425
was published
Mar 19, 2023
There exists a use-after-free vulnerability in the Linux kernel through io_uring and the...
High
Unreviewed
CVE-2022-4696
was published
Jan 11, 2023
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can...
High
Unreviewed
CVE-2022-42309
was published
Nov 1, 2022
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2022-41691
was published
Oct 20, 2022
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon...
High
Unreviewed
CVE-2022-25661
was published
Oct 19, 2022
Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,...
High
Unreviewed
CVE-2022-25662
was published
Oct 19, 2022
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1...
High
Unreviewed
CVE-2022-28203
was published
Sep 20, 2022
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is...
High
Unreviewed
CVE-2022-37451
was published
Aug 7, 2022
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow...
High
Unreviewed
CVE-2020-12963
was published
May 24, 2022
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language...
High
Unreviewed
CVE-2021-3939
was published
May 24, 2022
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting...
High
Unreviewed
CVE-2021-28216
was published
May 24, 2022
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::...
High
Unreviewed
CVE-2020-36404
was published
May 24, 2022
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def...
High
Unreviewed
CVE-2021-22760
was published
May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd...
High
Unreviewed
CVE-2020-36224
was published
May 24, 2022
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause...
High
Unreviewed
CVE-2020-5139
was published
May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some...
High
Unreviewed
CVE-2020-15673
was published
May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed...
High
Unreviewed
CVE-2020-15674
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API