Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
Wrong memory orderings violates mutual exclusion in spin High
CVE-2019-16137 was published for spin (Rust) Aug 25, 2021
Data races in gfwx High
CVE-2020-36211 was published for gfwx (Rust) Aug 25, 2021
Data races in late-static High
CVE-2020-36209 was published for late-static (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Data races in conquer-once High
CVE-2020-36208 was published for conquer-once (Rust) Aug 25, 2021
Data races in rusb High
CVE-2020-36206 was published for rusb (Rust) Aug 25, 2021
Data races in hashconsing High
CVE-2020-36215 was published for hashconsing (Rust) Aug 25, 2021
Improper Synchronization and Race Condition in vm-memory High
CVE-2020-13759 was published for vm-memory (Rust) Aug 25, 2021
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface... High Unreviewed
CVE-2016-8368 was published May 13, 2022
An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the... High Unreviewed
CVE-2018-4027 was published May 24, 2022
The login verification can be bypassed by using the problem that the time is not synchronized... High Unreviewed
CVE-2020-14098 was published May 24, 2022
Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions... High Unreviewed
CVE-2021-20592 was published May 24, 2022
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. High Unreviewed
CVE-2022-1931 was published Jun 1, 2022
A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or... High Unreviewed
CVE-2022-2962 was published Sep 14, 2022
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by... High Unreviewed
CVE-2022-3565 was published Oct 18, 2022
Western Digital has identified a weakness in the UFS standard that could result in a security... High Unreviewed
CVE-2022-23005 was published Jan 24, 2023
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2023-28229 was published Apr 11, 2023
Grafana Missing Synchronization vulnerability High
CVE-2023-2801 was published for github.com/grafana/grafana (Go) Jun 6, 2023
An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot... High Unreviewed
CVE-2023-45084 was published Dec 5, 2023
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS)... High Unreviewed
CVE-2024-7409 was published Aug 5, 2024
ProTip! Advisories are also available from the GraphQL API