GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
450 advisories
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free
Moderate | CVE-2023-45814 was published for Bunkum (NuGet) Oct 19, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header
High | CVE-2022-32149 was published for golang.org/x/text (Go) Oct 14, 2022
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3...
Moderate | Unreviewed | CVE-2018-17234 was published May 13, 2022
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10...
Moderate | Unreviewed | CVE-2018-17437 was published May 13, 2022
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability....
Moderate | Unreviewed | CVE-2022-31222 was published Sep 13, 2022
Uncontrolled Resource Consumption in Matrix Synapse
Moderate | CVE-2022-41952 was published for matrix-synapse (pip) Apr 1, 2022
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect...
High | Unreviewed | CVE-2021-1620 was published May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will...
High | Unreviewed | CVE-2019-3883 was published May 13, 2022
In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an...
Moderate | Unreviewed | CVE-2023-22996 was published Feb 28, 2023
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows...
Moderate | Unreviewed | CVE-2016-9102 was published May 13, 2022
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator)...
Moderate | Unreviewed | CVE-2016-7995 was published May 13, 2022
Uncontrolled Resource Consumption in promhttp
High | CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local...
Moderate | Unreviewed | CVE-2016-9106 was published May 13, 2022
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local...
Moderate | Unreviewed | CVE-2016-8577 was published May 13, 2022
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local...
Moderate | Unreviewed | CVE-2016-9105 was published May 13, 2022
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13...
Moderate | Unreviewed | CVE-2017-12190 was published May 13, 2022
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8...
Moderate | Unreviewed | CVE-2017-2596 was published May 13, 2022
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory...
Moderate | Unreviewed | CVE-2016-9907 was published May 13, 2022
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
Low | Unreviewed | CVE-2022-26354 was published Mar 17, 2022
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage...
Moderate | Unreviewed | CVE-2016-9911 was published May 13, 2022
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with...
High | Unreviewed | CVE-2022-26353 was published Mar 17, 2022
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of...
High | Unreviewed | CVE-2020-22844 was published Mar 1, 2022
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding...
High | Unreviewed | CVE-2022-22170 was published Jan 20, 2022
Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA)...
Moderate | Unreviewed | CVE-2013-6707 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.