Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Loading
An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free... Moderate Unreviewed
CVE-2021-35121 was published Jun 15, 2022
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high... Moderate Unreviewed
CVE-2022-31603 was published Jul 5, 2022
If array shift operations are not used, the Garbage Collector may have become confused about... Moderate Unreviewed
CVE-2022-31745 was published Dec 22, 2022
Multiple memory corruption issues were addressed with improved memory handling. This issue is... Moderate Unreviewed
CVE-2019-8587 was published May 24, 2022
Possible memory corruption in perfservice due to improper validation array length taken from user... Moderate Unreviewed
CVE-2020-3676 was published May 24, 2022
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for... Moderate Unreviewed
CVE-2021-1117 was published May 24, 2022
Exceeding the limit of usage entries are not tracked and the information will be lost causing the... Moderate Unreviewed
CVE-2018-11948 was published May 14, 2022
FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in... Moderate Unreviewed
CVE-2019-1000016 was published May 14, 2022
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the... Moderate Unreviewed
CVE-2015-8316 was published May 17, 2022
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has... Moderate Unreviewed
CVE-2020-20412 was published May 24, 2022
Possible out of bound access of DCI resources due to lack of validation process and resource... Moderate Unreviewed
CVE-2021-30325 was published Feb 12, 2022
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2... Moderate Unreviewed
CVE-2010-2806 was published May 13, 2022
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-7170 was published May 13, 2022
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47348 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47347 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47344 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47345 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47342 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47346 was published Feb 12, 2023
In engineermode services, there is a missing permission check. This could lead to local denial of... Moderate Unreviewed
CVE-2022-47343 was published Feb 12, 2023
In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2023-20633 was published Mar 7, 2023
A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability... Moderate Unreviewed
CVE-2023-6298 was published Nov 27, 2023
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x... Moderate Unreviewed
CVE-2022-42011 was published Oct 10, 2022
tiny-curl-8_4_0 , curl-8_4_0 and curl-8_5_0 were discovered to contain an off-by-one out-of... Moderate Unreviewed
CVE-2023-52071 was published Jan 30, 2024
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to... Moderate Unreviewed
CVE-2005-0369 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API