Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,431 advisories

Loading
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23039 was published Mar 11, 2022
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23041 was published Mar 11, 2022
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23040 was published Mar 11, 2022
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23036 was published Mar 11, 2022
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23042 was published Mar 11, 2022
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23037 was published Mar 11, 2022
Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates... High Unreviewed
CVE-2022-23038 was published Mar 11, 2022
A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface ... High Unreviewed
CVE-2021-4202 was published Mar 26, 2022
Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4... Critical Unreviewed
CVE-2021-41025 was published Dec 9, 2021
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition.... Moderate Unreviewed
CVE-2021-0920 was published Dec 16, 2021
When visiting directory listings for `chrome://` URLs as source text, some parameters were... Moderate Unreviewed
CVE-2022-36318 was published Dec 22, 2022
In vow, there is a possible memory corruption due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-20078 was published Apr 12, 2022
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE... Moderate Unreviewed
CVE-2022-27481 was published Apr 13, 2022
In vow, there is a possible memory corruption due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-20077 was published Apr 12, 2022
In SUB2AF, there is a possible memory corruption due to a race condition. This could lead to... Moderate Unreviewed
CVE-2022-20080 was published Apr 12, 2022
FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any... Moderate Unreviewed
CVE-2011-1075 was published Apr 22, 2022
In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way... High Unreviewed
CVE-2022-20006 was published May 11, 2022
An exploitable vulnerability exists in the signature verification of the firmware update... High Unreviewed
CVE-2017-2898 was published May 13, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security Moderate
CVE-2011-2731 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There... High Unreviewed
CVE-2019-12263 was published May 24, 2022
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after... Moderate Unreviewed
CVE-2020-6820 was published May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch Moderate
CVE-2019-7614 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. This... Moderate Unreviewed
CVE-2021-0564 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database