GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,162
Erlang: 30
GitHub Actions: 19
Go: 1,966
Maven: 5,000+
npm: 3,694
NuGet: 653
pip: 3,311
Pub: 11
RubyGems: 881
Rust: 831
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,375 advisories
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Critical | Unreviewed | CVE-2021-38575 was published Dec 2, 2021
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical | Unreviewed | CVE-2021-21950 was published Dec 9, 2021
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical | Unreviewed | CVE-2021-21951 was published Dec 9, 2021
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling...
Critical | Unreviewed | CVE-2021-40393 was published Dec 23, 2021
In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0...
Critical | Unreviewed | CVE-2021-31617 was published Feb 8, 2022
An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM...
Critical | Unreviewed | CVE-2022-24031 was published Feb 9, 2022
njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via...
Critical | Unreviewed | CVE-2021-46461 was published Feb 15, 2022
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large...
Critical | Unreviewed | CVE-2021-3657 was published Feb 19, 2022
Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red...
Critical | Unreviewed | CVE-2021-20325 was published Feb 19, 2022
There is a memory address out of bounds in smartphones. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22433 was published Feb 26, 2022
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of...
Critical | Unreviewed | CVE-2021-22434 was published Feb 26, 2022
There is a memory address out of bounds in smartphones. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22429 was published Feb 26, 2022
There is a memory address out of bounds in smartphones. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-22426 was published Feb 26, 2022
There is a vulnerability when configuring permission isolation in smartphones. Successful...
Critical | Unreviewed | CVE-2021-22432 was published Feb 26, 2022
There is a vulnerability when configuring permission isolation in smartphones. Successful...
Critical | Unreviewed | CVE-2021-22431 was published Feb 26, 2022
Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code...
Critical | Unreviewed | CVE-2022-25818 was published Mar 11, 2022
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an...
Critical | Unreviewed | CVE-2021-39708 was published Mar 17, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
Critical | Unreviewed | CVE-2021-44496 was published Apr 16, 2022
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c...
Critical | Unreviewed | CVE-2007-6762 was published Apr 21, 2022
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c...
Critical | Unreviewed | CVE-2011-5327 was published Apr 22, 2022
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn...
Critical | Unreviewed | CVE-2012-6712 was published Apr 23, 2022
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a...
Critical | Unreviewed | CVE-2005-3590 was published May 1, 2022
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have...
Critical | Unreviewed | CVE-2007-5199 was published May 1, 2022
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
Critical | Unreviewed | CVE-2007-5341 was published May 1, 2022
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in...
Critical | Unreviewed | CVE-2009-5153 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API.