GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
25 advisories
qpopper POP server creates lock files with predictable names, which allows local users to cause a...
Low | Unreviewed | CVE-2000-1198 was published Apr 30, 2022

ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a...
Low | Unreviewed | CVE-2001-0682 was published Apr 30, 2022

Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log...
Low | Unreviewed | CVE-2002-1869 was published Apr 30, 2022

dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention)...
Low | Unreviewed | CVE-2002-1914 was published Apr 30, 2022

tip on multiple BSD-based operating systems allows local users to cause a denial of service ...
Low | Unreviewed | CVE-2002-1915 was published Apr 30, 2022

Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6...
Low | Unreviewed | CVE-2005-2456 was published May 1, 2022

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as...
Low | Unreviewed | CVE-2005-3106 was published May 1, 2022

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2,...
Low | Unreviewed | CVE-2006-2374 was published May 1, 2022

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote...
Low | Unreviewed | CVE-2006-5158 was published May 1, 2022

net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain...
Low | Unreviewed | CVE-2009-1243 was published May 2, 2022

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2...
Low | Unreviewed | CVE-2009-1961 was published May 2, 2022

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this...
Low | Unreviewed | CVE-2019-6156 was published May 13, 2022

Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79...
Low | Unreviewed | CVE-2019-13762 was published May 24, 2022

A lock screen issue allowed access to messages on a locked device. This issue was addressed with...
Low | Unreviewed | CVE-2020-9959 was published May 24, 2022

Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object...
Low | Unreviewed | CVE-2023-3436 was published Jun 27, 2023

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain...
Low | Unreviewed | CVE-2023-44298 was published Dec 5, 2023

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting...
Low | Unreviewed | CVE-2021-47317 was published May 21, 2024

In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule...
Low | Unreviewed | CVE-2022-48937 was published Aug 22, 2024

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX...
Low | Unreviewed | CVE-2024-50044 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in...
Low | Unreviewed | CVE-2025-21851 was published Mar 12, 2025

An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch...
Low | Unreviewed | CVE-2025-63396 was published Nov 12, 2025

A post-authentication flaw in the network two-phase commit protocol used for cross-shard...
Low | Unreviewed | CVE-2025-14345 was published Dec 9, 2025

Improper Locking vulnerability (CWE-667) in Gallagher Morpho integration allows a privileged...
Low | Unreviewed | CVE-2026-20757 was published Mar 3, 2026

Spring MVC and WebFlux has Server Sent Event stream corruption
Low | CVE-2026-22735 was published for org.springframework:spring-webflux (Maven) Mar 20, 2026

Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption
Low | CVE-2026-54906 was published for concurrent-ruby (RubyGems) Jun 19, 2026