Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,679
Erlang
34
GitHub Actions
26
Go
2,266
Maven
5,000+
npm
3,922
NuGet
705
pip
3,686
Pub
12
RubyGems
916
Rust
944
Swift
38
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS... High Unreviewed
CVE-2017-12134 was published May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point... Moderate Unreviewed
CVE-2017-11537 was published May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in... Moderate Unreviewed
CVE-2017-8932 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote... Moderate Unreviewed
CVE-2016-7433 was published May 13, 2022
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95.... Moderate Unreviewed
CVE-2019-20051 was published May 24, 2022
Vyper's sqrt doesn't define rounding behavior Low
CVE-2025-26622 was published for vyper (pip) Feb 21, 2025
Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause... Moderate Unreviewed
CVE-2023-31347 was published Feb 13, 2024
The mstatus register in RSD commit 3d13a updates incorrectly, leading to processing errors. Moderate Unreviewed
CVE-2024-25883 was published Feb 7, 2025
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with... Moderate Unreviewed
CVE-2024-11407 was published Nov 26, 2024
Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an... Moderate Unreviewed
CVE-2024-11176 was published Nov 20, 2024
Vyper's `_abi_decode` input not validated in complex expressions Moderate
CVE-2023-42460 was published for vyper (pip) Sep 26, 2023
trocher
missing clamps for decimal args in external functions Moderate
CVE-2021-41122 was published for vyper (pip) Oct 6, 2021
Segfault due to negative splits in `SplitV` Moderate
CVE-2021-41222 was published for tensorflow (pip) Nov 10, 2021
Weight not properly refunded after EVM execution Moderate
CVE-2022-39242 was published for pallet-ethereum (Rust) Sep 23, 2022
Frontier's modexp precompile is slow for even modulus High
CVE-2023-28431 was published for pallet-evm-precompile-modexp (Rust) Mar 21, 2023
guidovranken
A flaw in DRBG number generation within the Network Security Services (NSS) library where the... Moderate Unreviewed
CVE-2017-5462 was published May 13, 2022
An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the... Moderate Unreviewed
CVE-2023-36980 was published Sep 11, 2023
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect... Critical Unreviewed
CVE-2024-36736 was published Jun 6, 2024
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and... Critical Unreviewed
CVE-2024-23981 was published Aug 14, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow... High Unreviewed
CVE-2024-41011 was published Jul 18, 2024
evmos allows transferring unvested tokens after delegations Low
CVE-2024-32873 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database