Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,153
Maven
5,000+
npm
5,000+
NuGet
861
pip
4,451
Pub
12
RubyGems
991
Rust
1,179
Swift
50
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives High
CVE-2026-24783 was published for soroban-fixed-point-math (Rust) Jan 28, 2026
An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon (l2cpd) of... High Unreviewed
CVE-2026-21911 was published Jan 15, 2026
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that... High Unreviewed
CVE-2025-4435 was published Jun 3, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow... High Unreviewed
CVE-2024-41011 was published Jul 18, 2024
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of... High Unreviewed
CVE-2024-6287 was published Jun 24, 2024
A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the... High Unreviewed
CVE-2023-2423 was published Aug 8, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before... High Unreviewed
CVE-2023-35848 was published Jun 19, 2023
Frontier's modexp precompile is slow for even modulus High
CVE-2023-28431 was published for pallet-evm-precompile-modexp (Rust) Mar 21, 2023
guidovranken Credited to guidovranken
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars High
CVE-2023-24533 was published for filippo.io/nistec (Go) Mar 1, 2023
An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti... High Unreviewed
CVE-2022-35258 was published Dec 6, 2022
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1... High Unreviewed
CVE-2022-36795 was published Oct 20, 2022
OpenZeppelin Contracts's GovernorVotesQuorumFraction updates to quorum may affect past defeated proposals High
CVE-2022-31198 was published for @openzeppelin/contracts (npm) Aug 18, 2022
Uncontrolled Resource Consumption in fast-string-search High
CVE-2022-22138 was published for fast-string-search (npm) Jun 18, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-31440 was published May 24, 2022
A vulnerability has been identified in SCALANCE XM-400 Family (All versions < V6.4), SCALANCE XR... High Unreviewed
CVE-2020-28393 was published May 24, 2022
The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an... High Unreviewed
CVE-2021-3004 was published May 24, 2022
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to... High Unreviewed
CVE-2020-0022 was published May 24, 2022
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading... High Unreviewed
CVE-2019-17514 was published May 24, 2022
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before... High Unreviewed
CVE-2019-5607 was published May 24, 2022
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode... High Unreviewed
CVE-2017-0342 was published May 17, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point... High Unreviewed
CVE-2018-14439 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA... High Unreviewed
CVE-2017-9725 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission... High Unreviewed
CVE-2017-13288 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database