GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
55 advisories
Filter by severity
Improper synchronization in buttplug
Moderate
CVE-2020-36218
was published
for
buttplug
(Rust)
Aug 25, 2021
An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the...
High
Unreviewed
CVE-2018-4027
was published
May 24, 2022
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.
High
Unreviewed
CVE-2022-1931
was published
Jun 1, 2022
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of...
Moderate
Unreviewed
CVE-2019-17344
was published
May 24, 2022
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to...
Moderate
Unreviewed
CVE-2019-17185
was published
May 24, 2022
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers...
Moderate
Unreviewed
CVE-2020-12769
was published
May 24, 2022
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an...
Moderate
Unreviewed
CVE-2020-3471
was published
May 24, 2022
The login verification can be bypassed by using the problem that the time is not synchronized...
High
Unreviewed
CVE-2020-14098
was published
May 24, 2022
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in...
Moderate
Unreviewed
CVE-2021-25376
was published
May 24, 2022
Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions...
High
Unreviewed
CVE-2021-20592
was published
May 24, 2022
In vcu, there is a possible memory corruption due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32613
was published
Nov 9, 2022
In vcu, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32612
was published
Nov 9, 2022
In vcu, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32610
was published
Nov 9, 2022
In vcu, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32609
was published
Nov 9, 2022
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface...
High
Unreviewed
CVE-2016-8368
was published
May 13, 2022
Data race in atomic-option
Moderate
CVE-2020-36219
was published
for
atomic-option
(Rust)
Aug 25, 2021
In vow, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32644
was published
Jan 3, 2023
In disp, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32648
was published
Jan 3, 2023
In vow, there is a possible information disclosure due to a race condition. This could lead to...
Moderate
Unreviewed
CVE-2022-32645
was published
Jan 3, 2023
In vdec fmt, there is a possible use after free due to improper locking. This could lead to local...
Moderate
Unreviewed
CVE-2022-26473
was published
Oct 8, 2022
In isp, there is a possible use after free due to improper locking. This could lead to local...
Moderate
Unreviewed
CVE-2022-26452
was published
Oct 8, 2022
Deadlock in mutually recursive `tf.function` objects
Moderate
CVE-2021-41213
was published
for
tensorflow
(pip)
Nov 10, 2021
ProTip!
Advisories are also available from the
GraphQL API