Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

374 advisories

Loading
vmir e8117 was discovered to contain a segmentation violation via the wasm_parse_block function... Moderate Unreviewed
CVE-2024-35421 was published Nov 9, 2024
vmir e8117 was discovered to contain a segmentation violation via the import_function function at... Moderate Unreviewed
CVE-2024-35424 was published Nov 9, 2024
vmir e8117 was discovered to contain a segmentation violation via the export_function function at... Moderate Unreviewed
CVE-2024-35427 was published Nov 9, 2024
Moodle has insufficient capability checks Low
CVE-2024-43435 was published for moodle/moodle (Composer) Nov 11, 2024
The incorrect object was checked for NULL in the built-in profiler, potentially leading to... Moderate Unreviewed
CVE-2024-1556 was published Feb 20, 2024
Incomplete validation in `SparseSparseMinimum` Moderate
CVE-2021-29607 was published for tensorflow (pip) Mar 18, 2022
Type confusion leading to segfault in Tensorflow High
CVE-2022-21731 was published for tensorflow (pip) Feb 10, 2022
Segfault in `simplifyBroadcast` in Tensorflow High
CVE-2022-23593 was published for tensorflow (pip) Feb 9, 2022
Assertion failure based denial of service in Tensorflow High
CVE-2022-21737 was published for tensorflow (pip) Feb 9, 2022
Crash when type cannot be specialized in Tensorflow High
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
Insufficient validation when decoding a Socket.IO packet Moderate
CVE-2023-32695 was published for socket.io-parser (npm) May 23, 2023
rafax00 darrachequesne
socket.io has an unhandled 'error' event Moderate
CVE-2024-38355 was published for socket.io (npm) Jun 19, 2024
Y0ursTruly
Jenkins Remoting library arbitrary file read vulnerability High
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
CHECK-fail in `QuantizeAndDequantizeV4Grad` Low
CVE-2021-29544 was published for tensorflow (pip) May 21, 2021
glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling... Moderate Unreviewed
CVE-2023-45922 was published Mar 27, 2024
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls Moderate
CVE-2024-24567 was published for vyper (pip) Jan 30, 2024
cyberthirst pcaversaccio
kuroi8 0xdeadbeef0x
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing... Moderate Unreviewed
CVE-2024-50284 was published Nov 19, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain... Critical Unreviewed
CVE-2023-37303 was published Jun 30, 2023
Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to... High Unreviewed
CVE-2024-11599 was published Nov 28, 2024
The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura... Critical Unreviewed
CVE-2023-41993 was published Sep 21, 2023
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing... Moderate Unreviewed
CVE-2024-50195 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: pinctrl: ocelot: fix system... Moderate Unreviewed
CVE-2024-50196 was published Nov 8, 2024
While parsing certain malformed PLY files, PCL version 1.14.1 crashes due to an uncaught std:... High Unreviewed
CVE-2024-53432 was published Dec 4, 2024
In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: Check device... Moderate Unreviewed
CVE-2024-50184 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts... Moderate Unreviewed
CVE-2024-42139 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database