Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44490 was published Apr 16, 2022
STB v2.27 was discovered to contain an integer shift of invalid size in the component... High Unreviewed
CVE-2022-28048 was published Apr 16, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44504 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44491 was published Apr 16, 2022
Uncontrolled Resource Consumption in fast-string-search High
CVE-2022-22138 was published for fast-string-search (npm) Jun 18, 2022
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode... High Unreviewed
CVE-2017-0342 was published May 17, 2022
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts... High Unreviewed
CVE-2021-45960 was published Feb 10, 2022
The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an... High Unreviewed
CVE-2021-3004 was published May 24, 2022
A vulnerability has been identified in SCALANCE XM-400 Family (All versions < V6.4), SCALANCE XR... High Unreviewed
CVE-2020-28393 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-31440 was published May 24, 2022
OpenZeppelin Contracts's GovernorVotesQuorumFraction updates to quorum may affect past defeated proposals High
CVE-2022-31198 was published for @openzeppelin/contracts (npm) Aug 18, 2022
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before... High Unreviewed
CVE-2019-5607 was published May 24, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... High Unreviewed
CVE-2022-26517 was published May 6, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan... High Unreviewed
CVE-2018-18225 was published May 13, 2022
Incorrect Calculation in the MSR JavaScript Cryptography Library High
CVE-2020-1026 was published for msrcrypto (npm) Jan 6, 2022
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive... High Unreviewed
CVE-2017-12135 was published May 13, 2022
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line... High Unreviewed
CVE-2018-11790 was published May 13, 2022
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could... High Unreviewed
CVE-2018-15391 was published May 13, 2022
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4... High Unreviewed
CVE-2017-0666 was published May 13, 2022
An elevation of privilege vulnerability in Audioserver could enable a local malicious application... High Unreviewed
CVE-2017-0545 was published May 13, 2022
A remote code execution vulnerability in the Android media framework. Product: Android. Versions:... High Unreviewed
CVE-2017-0679 was published May 13, 2022
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1... High Unreviewed
CVE-2017-0819 was published May 13, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS... High Unreviewed
CVE-2017-12134 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android... High Unreviewed
CVE-2017-13151 was published May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission... High Unreviewed
CVE-2017-13288 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database