Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,426
Erlang
29
GitHub Actions
16
Go
1,653
Maven
4,915
npm
3,442
NuGet
594
pip
2,832
Pub
10
RubyGems
823
Rust
763
Swift
34
Unreviewed advisories
All unreviewed
5,000+

25 advisories

fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles... Moderate Unreviewed
CVE-2017-7495 was published May 17, 2022
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations... High Unreviewed
CVE-2016-10088 was published May 14, 2022
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the... Moderate Unreviewed
CVE-2016-7042 was published May 14, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed
CVE-2016-7097 was published May 14, 2022
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local... Moderate Unreviewed
CVE-2016-8645 was published May 14, 2022
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel... High Unreviewed
CVE-2016-9806 was published May 14, 2022
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not... High Unreviewed
CVE-2016-9576 was published May 14, 2022
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1... Moderate Unreviewed
CVE-2016-9685 was published May 14, 2022
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79... Moderate Unreviewed
CVE-2017-6951 was published May 14, 2022
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users... High Unreviewed
CVE-2017-7187 was published May 14, 2022
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local... High Unreviewed
CVE-2017-7533 was published May 14, 2022
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type... High Unreviewed
CVE-2017-8797 was published May 14, 2022
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to... High Unreviewed
CVE-2017-6001 was published May 14, 2022
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4... High Unreviewed
CVE-2017-8890 was published May 14, 2022
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that... High Unreviewed
CVE-2017-9074 was published May 14, 2022
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1... High Unreviewed
CVE-2017-9077 was published May 13, 2022
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1... High Unreviewed
CVE-2017-9076 was published May 13, 2022
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1... High Unreviewed
CVE-2017-9075 was published May 13, 2022
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9... High Unreviewed
CVE-2017-5970 was published May 13, 2022
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in... Moderate Unreviewed
CVE-2017-2671 was published May 13, 2022
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an... Moderate Unreviewed
CVE-2016-9604 was published May 13, 2022
Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb... High Unreviewed
CVE-2017-2669 was published May 13, 2022
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5... Moderate Unreviewed
CVE-2015-8839 was published May 13, 2022
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the... High Unreviewed
CVE-2017-7889 was published May 13, 2022
Improper Input Validation in async-http-client High
CVE-2017-14063 was published for org.asynchttpclient:async-http-client (Maven) Oct 19, 2018
ProTip! Advisories are also available from the GraphQL API