Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,722
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Loading
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts... High Unreviewed
CVE-2021-45960 was published Feb 10, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS... High Unreviewed
CVE-2017-12134 was published May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point... Moderate Unreviewed
CVE-2017-11537 was published May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote... Moderate Unreviewed
CVE-2016-7433 was published May 13, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause... Moderate Unreviewed
CVE-2023-31347 was published Feb 13, 2024
The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors. Moderate Unreviewed
CVE-2024-25883 was published Feb 7, 2025
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with... Moderate Unreviewed
CVE-2024-11407 was published Nov 26, 2024
Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an... Moderate Unreviewed
CVE-2024-11176 was published Nov 20, 2024
A flaw in DRBG number generation within the Network Security Services (NSS) library where the... Moderate Unreviewed
CVE-2017-5462 was published May 13, 2022
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the... Moderate Unreviewed
CVE-2023-36980 was published Sep 11, 2023
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect... Critical Unreviewed
CVE-2024-36736 was published Jun 6, 2024
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and... Critical Unreviewed
CVE-2024-23981 was published Aug 14, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow... High Unreviewed
CVE-2024-41011 was published Jul 18, 2024
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix... Moderate Unreviewed
CVE-2024-42231 was published Jul 30, 2024
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of... High Unreviewed
CVE-2024-6287 was published Jun 24, 2024
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16347 was published May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from... Moderate Unreviewed
CVE-2019-16346 was published May 24, 2022
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with... Moderate Unreviewed
CVE-2023-43490 was published Mar 14, 2024
A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the... High Unreviewed
CVE-2023-2423 was published Aug 8, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before... High Unreviewed
CVE-2023-35848 was published Jun 19, 2023
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-... Moderate Unreviewed
CVE-2023-3161 was published Jun 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database