Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,325
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

30 advisories

Loading
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. High Unreviewed
CVE-2022-24958 was published Feb 12, 2022
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2022-25661 was published Oct 19, 2022
Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,... High Unreviewed
CVE-2022-25662 was published Oct 19, 2022
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1... High Unreviewed
CVE-2022-28203 was published Sep 20, 2022
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2022-41691 was published Oct 20, 2022
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these... High Unreviewed
CVE-2020-15670 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed
CVE-2020-15673 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed... High Unreviewed
CVE-2020-15674 was published May 24, 2022
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed
CVE-2020-5139 was published May 24, 2022
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed
CVE-2022-37451 was published Aug 7, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed
CVE-2020-36224 was published May 24, 2022
A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed
CVE-2021-22760 was published May 24, 2022
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed
CVE-2020-36404 was published May 24, 2022
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed
CVE-2021-28216 was published May 24, 2022
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed
CVE-2020-12963 was published May 24, 2022
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that... High Unreviewed
CVE-2007-4367 was published May 1, 2022
In really_install_package of install.cpp, there is a possible free of arbitrary memory due to... High Unreviewed
CVE-2018-9557 was published May 13, 2022
A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product:... High Unreviewed
CVE-2017-0731 was published May 13, 2022
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local... High Unreviewed
CVE-2017-18075 was published May 13, 2022
There exists a use-after-free vulnerability in the Linux kernel through io_uring and the... High Unreviewed
CVE-2022-4696 was published Jan 11, 2023
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed
CVE-2021-3939 was published May 24, 2022
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed
CVE-2022-42309 was published Nov 1, 2022
An invalid free in mb_detect_order can cause the application to crash or potentially result in... High Unreviewed
CVE-2019-11930 was published May 24, 2022
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an... High Unreviewed
CVE-2023-4883 was published Oct 3, 2023
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted... High Unreviewed
CVE-2022-26942 was published Oct 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database