Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and... Moderate Unreviewed
CVE-2019-5435 was published May 24, 2022
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less... Moderate Unreviewed
CVE-2021-28039 was published May 24, 2022
An integer overflow was found in the __vsyslog_internal function of the glibc library. This... Moderate Unreviewed
CVE-2023-6780 was published Jan 31, 2024
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a ... Moderate Unreviewed
CVE-2004-0747 was published Apr 29, 2022
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions,... Moderate Unreviewed
CVE-2005-0490 was published May 1, 2022
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local... Moderate Unreviewed
CVE-2004-0940 was published Apr 29, 2022
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a... Moderate Unreviewed
CVE-2001-0334 was published Apr 30, 2022
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer... Moderate Unreviewed
CVE-2022-32624 was published Dec 5, 2022
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an... Moderate Unreviewed
CVE-2019-3560 was published May 24, 2022
Incorrect buffer size in crossbeam-channel Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host... Moderate Unreviewed
CVE-2022-2873 was published Aug 23, 2022
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-20627 was published Mar 7, 2023
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at... Moderate Unreviewed
CVE-2022-2520 was published Sep 1, 2022
In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer... Moderate Unreviewed
CVE-2022-26474 was published Oct 8, 2022
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32650 was published Jan 3, 2023
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32651 was published Jan 3, 2023
In jpeg, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32649 was published Jan 3, 2023
process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2017-14934 was published May 13, 2022
Heap OOB and null pointer dereference in `RaggedTensorToTensor` Moderate
CVE-2021-29608 was published for tensorflow (pip) May 21, 2021
Overflow in `tf.keras.losses.poisson` Moderate
CVE-2022-41887 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ImageProjectiveTransformV2` Moderate
CVE-2022-41886 was published for tensorflow (pip) Nov 21, 2022
Overflow in `FusedResizeAndPadConv2D` Moderate
CVE-2022-41885 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ResizeNearestNeighborGrad` Moderate
CVE-2022-41907 was published for tensorflow (pip) Nov 21, 2022
A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft... Moderate Unreviewed
CVE-2022-22137 was published May 4, 2022
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata... Moderate Unreviewed
CVE-2020-14385 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API