GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,141
Erlang
30
GitHub Actions
19
Go
1,943
Maven
5,000+
npm
3,684
NuGet
650
pip
3,303
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
49 advisories
Filter by severity
A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a...
High
Unreviewed
CVE-2021-3673
was published
May 24, 2022
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of...
High
Unreviewed
CVE-2021-28902
was published
May 24, 2022
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of...
High
Unreviewed
CVE-2021-28904
was published
May 24, 2022
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval-...
High
Unreviewed
CVE-2021-28906
was published
May 24, 2022
In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value...
High
Unreviewed
CVE-2021-28875
was published
May 24, 2022
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The...
High
Unreviewed
CVE-2020-29569
was published
May 24, 2022
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation...
High
Unreviewed
CVE-2019-20919
was published
May 24, 2022
The decode program in silk-v3-decoder Version:20160922 Build By kn007 does not strictly check...
High
Unreviewed
CVE-2020-24074
was published
May 24, 2022
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products,...
High
Unreviewed
CVE-2020-7247
was published
May 24, 2022
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in...
High
Unreviewed
CVE-2019-15942
was published
May 24, 2022
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the...
High
Unreviewed
CVE-2017-6964
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0774
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android....
High
Unreviewed
CVE-2017-0720
was published
May 13, 2022
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to...
High
Unreviewed
CVE-2017-0599
was published
May 13, 2022
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was...
High
Unreviewed
CVE-2018-14367
was published
May 13, 2022
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not...
High
Unreviewed
CVE-2018-20216
was published
May 13, 2022
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet...
High
Unreviewed
CVE-2019-10902
was published
May 13, 2022
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The...
High
Unreviewed
CVE-2018-14622
was published
May 13, 2022
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the...
High
Unreviewed
CVE-2007-5191
was published
May 1, 2022
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional...
High
Unreviewed
CVE-2005-4360
was published
May 1, 2022
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization...
High
Unreviewed
CVE-2021-40401
was published
Feb 10, 2022
Improper privilege handling in Apache Accumulo
High
CVE-2020-17533
was published
for
org.apache.accumulo:accumulo-master
(Maven)
Feb 9, 2022
ProTip!
Advisories are also available from the
GraphQL API