GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,438

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

40 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource... Moderate Unreviewed

CVE-2020-25598 was published May 24, 2022

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid... High Unreviewed

CVE-2019-11412 was published May 24, 2022

** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7... Critical Unreviewed

CVE-2019-17192 was published May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and... Moderate Unreviewed

CVE-2020-3885 was published May 24, 2022

Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM)... Moderate Unreviewed

CVE-2020-8671 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing... High Unreviewed

CVE-2020-25603 was published May 24, 2022

Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left... High Unreviewed

CVE-2020-36277 was published May 24, 2022

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one... Moderate Unreviewed

CVE-2020-35477 was published May 24, 2022

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks... Moderate Unreviewed

CVE-2021-0273 was published May 24, 2022

In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state... High Unreviewed

CVE-2021-0517 was published May 24, 2022

A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco... High Unreviewed

CVE-2021-34767 was published May 24, 2022

On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior... High Unreviewed

CVE-2022-26890 was published May 6, 2022

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a... High Unreviewed

CVE-2018-16766 was published May 13, 2022

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser()... Moderate Unreviewed

CVE-2018-19212 was published May 13, 2022

Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network... High Unreviewed

CVE-2019-9946 was published May 13, 2022

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local... High Unreviewed

CVE-2017-0604 was published May 13, 2022

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to... Moderate Unreviewed

CVE-2018-19058 was published May 13, 2022

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a... High Unreviewed

CVE-2023-20915 was published Jan 26, 2023

In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically... High Unreviewed

CVE-2023-20921 was published Jan 26, 2023

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine... Moderate Unreviewed

CVE-2021-1236 was published May 24, 2022

Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before... High Unreviewed

CVE-2022-36278 was published Feb 16, 2023

Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2... Moderate Unreviewed

CVE-2022-26841 was published Feb 16, 2023

Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools... High Unreviewed

CVE-2022-27808 was published Feb 16, 2023

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will... High Unreviewed

CVE-2023-1668 was published Apr 11, 2023

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security... Moderate Unreviewed

CVE-2021-3011 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

40 advisories