Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,325
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix releasing... Moderate Unreviewed
CVE-2021-47615 was published Jun 19, 2024
A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09,... High Unreviewed
CVE-2024-25079 was published May 15, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ... Low Unreviewed
CVE-2024-50057 was published Oct 21, 2024
nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC High
CVE-2021-21401 was published for nanopb (pip) Aug 30, 2024
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not... High Unreviewed
CVE-2022-48425 was published Mar 19, 2023
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay... High Unreviewed
CVE-2024-6607 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in... Moderate Unreviewed
CVE-2022-48835 was published Jul 16, 2024
Memory corruption while reading ACPI config through the user mode app. High Unreviewed
CVE-2023-43532 was published Feb 6, 2024
Copy_from_user on 64-bit versions of the Linux kernel does not implement the... Moderate Unreviewed
CVE-2023-0459 was published Jul 6, 2023
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine... High Unreviewed
CVE-2023-34312 was published Jun 1, 2023
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted... High Unreviewed
CVE-2022-26942 was published Oct 19, 2023
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an... High Unreviewed
CVE-2023-4883 was published Oct 3, 2023
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer... Moderate Unreviewed
CVE-2020-27545 was published Apr 16, 2023
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping... Moderate Unreviewed
CVE-2023-31082 was published Apr 24, 2023
An invalid free in mb_detect_order can cause the application to crash or potentially result in... High Unreviewed
CVE-2019-11930 was published May 24, 2022
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed
CVE-2022-42309 was published Nov 1, 2022
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Critical Unreviewed
CVE-2021-30473 was published May 24, 2022
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for... Moderate Unreviewed
CVE-2022-46486 was published Dec 30, 2023
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed
CVE-2021-3939 was published May 24, 2022
There exists a use-after-free vulnerability in the Linux kernel through io_uring and the... High Unreviewed
CVE-2022-4696 was published Jan 11, 2023
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and... Critical Unreviewed
CVE-2021-42377 was published May 24, 2022
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose()... Moderate Unreviewed
CVE-2022-2521 was published Sep 1, 2022
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a... Moderate Unreviewed
CVE-2020-24371 was published May 24, 2022
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit... Moderate Unreviewed
CVE-2021-40042 was published Feb 1, 2022
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed
CVE-2021-3682 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database