Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

248 advisories

Loading
In canvas rendering, a compromised content process could have caused a surface to change... High Unreviewed
CVE-2023-5170 was published Sep 27, 2023
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol... High Unreviewed
CVE-2024-21611 was published Jan 12, 2024
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to... High Unreviewed
CVE-2020-16949 was published May 24, 2022
HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability High
CVE-2023-5954 was published for github.com/hashicorp/vault (Go) Nov 9, 2023
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version... High Unreviewed
CVE-2023-0248 was published Dec 14, 2023
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes... High Unreviewed
CVE-2023-48090 was published Nov 20, 2023
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An... High Unreviewed
CVE-2021-3905 was published Aug 24, 2022
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. High Unreviewed
CVE-2019-20388 was published May 24, 2022
CometBFT may duplicate transactions in the mempool's data structures High
CVE-2023-34451 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
otrack
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5... High Unreviewed
CVE-2022-20785 was published May 5, 2022
A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2020-3572 was published May 24, 2022
A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance ... High Unreviewed
CVE-2020-3373 was published May 24, 2022
A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE)... High Unreviewed
CVE-2019-1708 was published May 24, 2022
There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta... High Unreviewed
CVE-2021-42522 was published Aug 26, 2022
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd... High Unreviewed
CVE-2021-42523 was published Aug 26, 2022
Undertow vulnerable to memory exhaustion due to buffer leak High
CVE-2021-3690 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a... High Unreviewed
CVE-2019-6502 was published May 13, 2022
Missing release of memory in sized-chunks High
CVE-2020-25795 was published for sized-chunks (Rust) Aug 25, 2021
crossbeam-channel Undefined Behavior before v0.4.4 High
CVE-2020-15254 was published for crossbeam-channel (Rust) Aug 25, 2021
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by... High Unreviewed
CVE-2022-3551 was published Oct 17, 2022
GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in... High Unreviewed
CVE-2023-23145 was published Jan 20, 2023
A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point ... High Unreviewed
CVE-2021-34740 was published May 24, 2022
SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11... High Unreviewed
CVE-2022-34568 was published Jul 29, 2022
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in... High Unreviewed
CVE-2022-4743 was published Jan 12, 2023
mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies... High Unreviewed
CVE-2021-46854 was published Nov 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database