Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,325
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix releasing... Moderate Unreviewed
CVE-2021-47615 was published Jun 19, 2024
A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09,... High Unreviewed
CVE-2024-25079 was published May 15, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ... Low Unreviewed
CVE-2024-50057 was published Oct 21, 2024
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not... High Unreviewed
CVE-2022-48425 was published Mar 19, 2023
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay... High Unreviewed
CVE-2024-6607 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in... Moderate Unreviewed
CVE-2022-48835 was published Jul 16, 2024
Memory corruption while reading ACPI config through the user mode app. High Unreviewed
CVE-2023-43532 was published Feb 6, 2024
Copy_from_user on 64-bit versions of the Linux kernel does not implement the... Moderate Unreviewed
CVE-2023-0459 was published Jul 6, 2023
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine... High Unreviewed
CVE-2023-34312 was published Jun 1, 2023
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted... High Unreviewed
CVE-2022-26942 was published Oct 19, 2023
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an... High Unreviewed
CVE-2023-4883 was published Oct 3, 2023
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer... Moderate Unreviewed
CVE-2020-27545 was published Apr 16, 2023
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping... Moderate Unreviewed
CVE-2023-31082 was published Apr 24, 2023
An invalid free in mb_detect_order can cause the application to crash or potentially result in... High Unreviewed
CVE-2019-11930 was published May 24, 2022
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can... High Unreviewed
CVE-2022-42309 was published Nov 1, 2022
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Critical Unreviewed
CVE-2021-30473 was published May 24, 2022
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for... Moderate Unreviewed
CVE-2022-46486 was published Dec 30, 2023
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language... High Unreviewed
CVE-2021-3939 was published May 24, 2022
There exists a use-after-free vulnerability in the Linux kernel through io_uring and the... High Unreviewed
CVE-2022-4696 was published Jan 11, 2023
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and... Critical Unreviewed
CVE-2021-42377 was published May 24, 2022
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose()... Moderate Unreviewed
CVE-2022-2521 was published Sep 1, 2022
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a... Moderate Unreviewed
CVE-2020-24371 was published May 24, 2022
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit... Moderate Unreviewed
CVE-2021-40042 was published Feb 1, 2022
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2.... Critical Unreviewed
CVE-2021-3682 was published May 24, 2022
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which... Moderate Unreviewed
CVE-2021-45261 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database