Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,115
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

60 advisories

Loading
PowerDNS Authoritative daemon , all versions pdns 4.1.x before pdns 4.1.10, exiting when... Moderate Unreviewed
CVE-2019-10203 was published May 24, 2022
Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in... Critical Unreviewed
CVE-2019-14842 was published May 24, 2022
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a... High Unreviewed
CVE-2019-19317 was published May 24, 2022
Signed to Unsigned Conversion Error in Facebook Hermes High
CVE-2020-1913 was published for hermes-engine (npm) May 24, 2022
Windows Kernel Local Elevation of Privilege Vulnerability High Unreviewed
CVE-2020-17087 was published May 24, 2022
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function... High Unreviewed
CVE-2021-27219 was published May 24, 2022
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If... High Unreviewed
CVE-2021-27218 was published May 24, 2022
Windows MSHTML Platform Remote Code Execution Vulnerability High Unreviewed
CVE-2021-33742 was published May 24, 2022
Due to unexpected data type conversions, a use-after-free could have occurred when interacting... High Unreviewed
CVE-2021-23997 was published May 24, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer... High Unreviewed
CVE-2021-32461 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21861 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21860 was published May 24, 2022
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for... Critical Unreviewed
CVE-2021-36357 was published May 24, 2022
An exploitable sign extension vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13544 was published May 24, 2022
An exploitable signed conversion vulnerability exists in the TextMaker document parsing... High Unreviewed
CVE-2020-13545 was published May 24, 2022
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux... Moderate Unreviewed
CVE-2020-28588 was published May 24, 2022
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this... High Unreviewed
CVE-2014-125011 was published Jun 19, 2022
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2014-125012 was published Jun 19, 2022
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets High
CVE-2022-34169 was published for xalan:xalan (Maven) Jul 20, 2022
udengaardandersent-ELS Diddern
skuma762_uhg
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large... High Unreviewed
CVE-2022-2639 was published Sep 2, 2022
Besu VM vulnerable to gas allocation error in CALL operations Critical
CVE-2022-36025 was published for org.hyperledger.besu:evm (Maven) Sep 23, 2022
holiman
An integer conversion error in Hermes bytecode generation, prior to commit... Critical Unreviewed
CVE-2022-40138 was published Oct 11, 2022
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed... Moderate Unreviewed
CVE-2022-42324 was published Nov 1, 2022
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of... Critical Unreviewed
CVE-2022-43663 was published Mar 20, 2023
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign... High Unreviewed
CVE-2023-0185 was published Apr 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database