GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
55 advisories
Filter by severity
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
High
Unreviewed
CVE-2022-24958
was published
Feb 12, 2022
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon...
High
Unreviewed
CVE-2022-25661
was published
Oct 19, 2022
Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,...
High
Unreviewed
CVE-2022-25662
was published
Oct 19, 2022
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1...
High
Unreviewed
CVE-2022-28203
was published
Sep 20, 2022
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2022-41691
was published
Oct 20, 2022
Denial of service in MODEM due to improper pointer handling
Moderate
Unreviewed
CVE-2022-25725
was published
Jan 9, 2023
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid...
Moderate
Unreviewed
CVE-2019-20170
was published
May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these...
High
Unreviewed
CVE-2020-15670
was published
May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some...
High
Unreviewed
CVE-2020-15673
was published
May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed...
High
Unreviewed
CVE-2020-15674
was published
May 24, 2022
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause...
High
Unreviewed
CVE-2020-5139
was published
May 24, 2022
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is...
High
Unreviewed
CVE-2022-37451
was published
Aug 7, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd...
High
Unreviewed
CVE-2020-36224
was published
May 24, 2022
An invalid free in Thrift's table-based serialization can cause the application to crash or...
Critical
Unreviewed
CVE-2021-24028
was published
May 24, 2022
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def...
High
Unreviewed
CVE-2021-22760
was published
May 24, 2022
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::...
High
Unreviewed
CVE-2020-36404
was published
May 24, 2022
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting...
High
Unreviewed
CVE-2021-28216
was published
May 24, 2022
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow...
High
Unreviewed
CVE-2020-12963
was published
May 24, 2022
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that...
High
Unreviewed
CVE-2007-4367
was published
May 1, 2022
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using...
Critical
Unreviewed
CVE-2022-31625
was published
Jun 17, 2022
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through...
Moderate
Unreviewed
CVE-2020-28941
was published
May 24, 2022
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an...
Moderate
Unreviewed
CVE-2015-2695
was published
May 13, 2022
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a...
Critical
Unreviewed
CVE-2018-6836
was published
May 13, 2022
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in...
Moderate
Unreviewed
CVE-2020-27797
was published
Aug 26, 2022
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX...
Moderate
Unreviewed
CVE-2020-27798
was published
Aug 26, 2022
ProTip!
Advisories are also available from the
GraphQL API