GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,532
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,984
Maven 5,159
npm 3,701
NuGet 657
pip 3,325
Pub 11
RubyGems 882
Rust 835
Swift 35

Unreviewed advisories

All unreviewed 233,156

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Filter by severity

Sort by

Least recently updated

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. High Unreviewed

CVE-2022-24958 was published Feb 12, 2022

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon... High Unreviewed

CVE-2022-25661 was published Oct 19, 2022

Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto,... High Unreviewed

CVE-2022-25662 was published Oct 19, 2022

A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1... High Unreviewed

CVE-2022-28203 was published Sep 20, 2022

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed... High Unreviewed

CVE-2022-41691 was published Oct 20, 2022

Denial of service in MODEM due to improper pointer handling Moderate Unreviewed

CVE-2022-25725 was published Jan 9, 2023

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid... Moderate Unreviewed

CVE-2019-20170 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these... High Unreviewed

CVE-2020-15670 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some... High Unreviewed

CVE-2020-15673 was published May 24, 2022

Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed... High Unreviewed

CVE-2020-15674 was published May 24, 2022

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause... High Unreviewed

CVE-2020-5139 was published May 24, 2022

Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is... High Unreviewed

CVE-2022-37451 was published Aug 7, 2022

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd... High Unreviewed

CVE-2020-36224 was published May 24, 2022

An invalid free in Thrift's table-based serialization can cause the application to crash or... Critical Unreviewed

CVE-2021-24028 was published May 24, 2022

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition (Def... High Unreviewed

CVE-2021-22760 was published May 24, 2022

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::... High Unreviewed

CVE-2020-36404 was published May 24, 2022

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting... High Unreviewed

CVE-2021-28216 was published May 24, 2022

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow... High Unreviewed

CVE-2020-12963 was published May 24, 2022

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that... High Unreviewed

CVE-2007-4367 was published May 1, 2022

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using... Critical Unreviewed

CVE-2022-31625 was published Jun 17, 2022

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through... Moderate Unreviewed

CVE-2020-28941 was published May 24, 2022

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an... Moderate Unreviewed

CVE-2015-2695 was published May 13, 2022

The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a... Critical Unreviewed

CVE-2018-6836 was published May 13, 2022

An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in... Moderate Unreviewed

CVE-2020-27797 was published Aug 26, 2022

An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX... Moderate Unreviewed

CVE-2020-27798 was published Aug 26, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

53 advisories