GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,426
Erlang: 29
GitHub Actions: 16
Go: 1,655
Maven: 4,916
npm: 3,444
NuGet: 594
pip: 2,834
Pub: 10
RubyGems: 823
Rust: 763
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
78 advisories
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote...
Moderate | Unreviewed | CVE-2011-4909 was published May 17, 2022
Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35...
Moderate | Unreviewed | CVE-2010-4175 was published May 17, 2022
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of...
Moderate | Unreviewed | CVE-2011-0536 was published May 14, 2022
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context...
Moderate | Unreviewed | CVE-2011-1071 was published May 14, 2022
The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores...
Moderate | Unreviewed | CVE-2011-1090 was published May 14, 2022
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not...
Moderate | Unreviewed | CVE-2011-1095 was published May 14, 2022
Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the...
Moderate | Unreviewed | CVE-2011-1494 was published May 14, 2022
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1)...
High | Unreviewed | CVE-2011-1495 was published May 14, 2022
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier...
Moderate | Unreviewed | CVE-2011-1659 was published May 14, 2022
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic...
Low | Unreviewed | CVE-2011-1658 was published May 14, 2022
arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the...
Moderate | Unreviewed | CVE-2010-2938 was published May 14, 2022
Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel...
Moderate | Unreviewed | CVE-2010-3015 was published May 14, 2022
The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to...
Moderate | Unreviewed | CVE-2010-3066 was published May 14, 2022
include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception...
Moderate | Unreviewed | CVE-2010-3086 was published May 14, 2022
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel...
Low | Unreviewed | CVE-2010-3699 was published May 14, 2022
The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2...
Moderate | Unreviewed | CVE-2010-4161 was published May 14, 2022
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux ...
Moderate | Unreviewed | CVE-2010-4238 was published May 14, 2022
The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the...
Moderate | Unreviewed | CVE-2010-4242 was published May 14, 2022
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms,...
Moderate | Unreviewed | CVE-2010-4255 was published May 14, 2022
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap...
Moderate | Unreviewed | CVE-2010-4247 was published May 14, 2022
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP...
Moderate | Unreviewed | CVE-2011-0282 was published May 13, 2022
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6...
Moderate | Unreviewed | CVE-2011-0281 was published May 13, 2022
The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation...
Moderate | Unreviewed | CVE-2011-1478 was published May 13, 2022
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly...
High | Unreviewed | CVE-2010-4251 was published May 13, 2022
The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb...
High | Unreviewed | CVE-2010-4263 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.