GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
21 advisories
There is an Incomplete Cleanup vulnerability in Huawei Smartphone. Successful exploitation of this...
High | Unreviewed | CVE-2021-37089 was published Dec 8, 2021

There is an Incomplete Cleanup vulnerability in Huawei Smartphone. Successful exploitation of this...
High | Unreviewed | CVE-2021-37080 was published Dec 8, 2021

There is an Incomplete Cleanup vulnerability in Huawei Smartphone. Successful exploitation of this...
High | Unreviewed | CVE-2021-37092 was published Dec 9, 2021

A use-after-free flaw in the Linux kernel Management Component Transport Protocol (MCTP)...
High | Unreviewed | CVE-2022-0646 was published Feb 19, 2022

BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when...
High | Unreviewed | CVE-2005-1744 was published May 1, 2022

Resource leakage when decoding certificates and keys
High | CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping...
High | Unreviewed | CVE-2018-18281 was published May 13, 2022

The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by...
High | Unreviewed | CVE-2018-18924 was published May 13, 2022

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe...
High | Unreviewed | CVE-2017-0303 was published May 13, 2022

An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and...
High | Unreviewed | CVE-2017-17090 was published May 13, 2022

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS...
High | Unreviewed | CVE-2018-19961 was published May 13, 2022

Flarum mishandles invalidation of user email tokens
High | CVE-2019-11514 was published for flarum/flarum (Composer) May 24, 2022

There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
High | Unreviewed | CVE-2019-25016 was published May 24, 2022

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially...
High | Unreviewed | CVE-2020-24489 was published May 24, 2022

Xenstore: Guests can get access to Xenstore nodes of deleted domains. Access rights of Xenstore...
High | Unreviewed | CVE-2022-42320 was published Nov 1, 2022

Local privilege escalation due to incomplete uninstallation cleanup. The following products are...
High | Unreviewed | CVE-2022-45455 was published Feb 13, 2023

redis-py Race Condition due to incomplete fix
High | CVE-2023-28859 was published for redis (pip) Mar 26, 2023

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4...
High | Unreviewed | CVE-2023-0836 was published Mar 29, 2023

A double-free flaw was found in the Linux kernel’s NTFS3 subsystem in how a user triggers remount...
High | Unreviewed | CVE-2022-3238 was published Jul 6, 2023

Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability
High | CVE-2023-41835 was published for org.apache.struts:struts2-core (Maven) Dec 5, 2023

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless...
High | Unreviewed | CVE-2024-20303 was published Mar 27, 2024