Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line... High Unreviewed
CVE-2018-11790 was published May 13, 2022
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive... High Unreviewed
CVE-2017-12135 was published May 13, 2022
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote... Moderate Unreviewed
CVE-2011-3062 was published May 13, 2022
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are... Moderate Unreviewed
CVE-2011-1573 was published May 13, 2022
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE... Moderate Unreviewed
CVE-2018-16781 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan... High Unreviewed
CVE-2018-18225 was published May 13, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote... Moderate Unreviewed
CVE-2016-7433 was published May 13, 2022
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel... Moderate Unreviewed
CVE-2022-29978 was published May 12, 2022
Incorrect Calculation in solana_rbpf Critical
CVE-2022-23066 was published for solana_rbpf (Rust) May 10, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... High Unreviewed
CVE-2022-26517 was published May 6, 2022
STB v2.27 was discovered to contain an integer shift of invalid size in the component... High Unreviewed
CVE-2022-28048 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44490 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44491 was published Apr 16, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44504 was published Apr 16, 2022
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts... High Unreviewed
CVE-2021-45960 was published Feb 10, 2022
Incorrect Calculation in github.com/open-policy-agent/opa Moderate
CVE-2022-23628 was published for github.com/open-policy-agent/opa (Go) Feb 9, 2022
johanneslarsson Credited to johanneslarsson
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,... High Unreviewed
CVE-2022-23011 was published Jan 26, 2022
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all... Moderate Unreviewed
CVE-2022-23028 was published Jan 26, 2022
Incorrect Calculation in the MSR JavaScript Cryptography Library High
CVE-2020-1026 was published for msrcrypto (npm) Jan 6, 2022
Segfault due to negative splits in `SplitV` Moderate
CVE-2021-41222 was published for tensorflow (pip) Nov 10, 2021
missing clamps for decimal args in external functions Moderate
CVE-2021-41122 was published for vyper (pip) Oct 6, 2021
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607 Credited to tdunlap607
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Incorrect TCR calculation in batchLiquidateTroves() during Recovery Mode Low
GHSA-xh2p-7p87-fhgh was published for @liquity/contracts (npm) Aug 5, 2021
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk Credited to johnyangk
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database