GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of...
High
Unreviewed
CVE-2024-6287
was published
Jun 24, 2024
evmos allows transferring unvested tokens after delegations
Low
CVE-2024-32873
was published
for
github.com/evmos/evmos/v10
(Go)
Jun 6, 2024
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with...
Moderate
Unreviewed
CVE-2023-43490
was published
Mar 14, 2024
Vyper's `_abi_decode` input not validated in complex expressions
Moderate
CVE-2023-42460
was published
for
vyper
(pip)
Sep 26, 2023
A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the...
High
Unreviewed
CVE-2023-2423
was published
Aug 8, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before...
High
Unreviewed
CVE-2023-35848
was published
Jun 19, 2023
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-...
Moderate
Unreviewed
CVE-2023-3161
was published
Jun 12, 2023
Frontier's modexp precompile is slow for even modulus
High
CVE-2023-28431
was published
for
frontier
(Rust)
Mar 21, 2023
OpenZeppelin Contracts contains Incorrect Calculation
Moderate
CVE-2023-26488
was published
for
@openzeppelin/contracts
(npm)
Mar 3, 2023
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars
High
CVE-2023-24533
was published
for
filippo.io/nistec
(Go)
Mar 1, 2023
Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R)...
Moderate
Unreviewed
CVE-2022-33972
was published
Feb 16, 2023
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti...
High
Unreviewed
CVE-2022-35258
was published
Dec 6, 2022
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1...
High
Unreviewed
CVE-2022-36795
was published
Oct 20, 2022
Weight not properly refunded after EVM execution
Moderate
CVE-2022-39242
was published
for
frontier
(Rust)
Sep 23, 2022
OpenZeppelin Contracts's GovernorVotesQuorumFraction updates to quorum may affect past defeated proposals
High
CVE-2022-31198
was published
for
@openzeppelin/contracts
(npm)
Aug 18, 2022
Cranelift vulnerable to miscompilation of constant values in division on AArch64
Moderate
CVE-2022-31169
was published
for
cranelift-codegen
(Rust)
Jul 21, 2022
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs
Moderate
CVE-2022-31104
was published
for
cranelift-codegen
(Rust)
Jun 29, 2022
Uncontrolled Resource Consumption in fast-string-search
High
CVE-2022-22138
was published
for
fast-string-search
(npm)
Jun 18, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from...
Moderate
Unreviewed
CVE-2019-16346
was published
May 24, 2022
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from...
Moderate
Unreviewed
CVE-2019-16347
was published
May 24, 2022
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events...
Moderate
Unreviewed
CVE-2021-34573
was published
May 24, 2022
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read...
Moderate
Unreviewed
CVE-2021-29945
was published
May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-31440
was published
May 24, 2022
A vulnerability has been identified in SCALANCE XM-400 Family (All versions < V6.4), SCALANCE XR...
High
Unreviewed
CVE-2020-28393
was published
May 24, 2022
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect...
Moderate
Unreviewed
CVE-2021-3114
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API