GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
144 advisories
Filter by severity
Type confusion leading to segfault in Tensorflow
Moderate
CVE-2022-21731
was published
for
tensorflow
(pip)
Feb 10, 2022
Assertion failure based denial of service in Tensorflow
Moderate
CVE-2022-21737
was published
for
tensorflow
(pip)
Feb 9, 2022
The code for downloading files did not properly take care of special characters, which led to an...
Moderate
Unreviewed
CVE-2020-15658
was published
May 24, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol...
Moderate
Unreviewed
CVE-2022-22238
was published
Oct 18, 2022
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2022-22227
was published
Oct 18, 2022
FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at...
Moderate
Unreviewed
CVE-2018-15815
was published
May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm...
Moderate
Unreviewed
CVE-2017-17815
was published
May 14, 2022
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3)...
Moderate
Unreviewed
CVE-2019-5673
was published
May 14, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash...
Moderate
Unreviewed
CVE-2017-13142
was published
May 14, 2022
An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP...
Moderate
Unreviewed
CVE-2018-7287
was published
May 13, 2022
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11...
Moderate
Unreviewed
CVE-2018-12189
was published
May 13, 2022
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem...
Moderate
Unreviewed
CVE-2018-18690
was published
May 13, 2022
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of...
Moderate
Unreviewed
CVE-2017-17044
was published
May 13, 2022
Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration,...
Moderate
Unreviewed
CVE-2021-37862
was published
Dec 18, 2021
Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior...
Moderate
Unreviewed
CVE-2021-25525
was published
Dec 9, 2021
Denial of Service (DoS) in mongo-express
Moderate
CVE-2021-23372
was published
for
mongo-express
(npm)
Oct 6, 2021
Authz Module Non-Determinism
Moderate
CVE-2021-41135
was published
for
github.com/cosmos/cosmos-sdk
(Go)
Oct 21, 2021
Incomplete validation in `SparseSparseMinimum`
Moderate
CVE-2021-29607
was published
for
tensorflow
(pip)
Mar 18, 2022
gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during...
Moderate
Unreviewed
CVE-2019-9633
was published
May 13, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Moderate
Unreviewed
CVE-2022-26130
was published
May 6, 2022
Given the TEE is compromised and controlled by the attacker, improper state maintenance in...
Moderate
Unreviewed
CVE-2022-28793
was published
May 4, 2022
Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to...
Moderate
Unreviewed
CVE-2022-37392
was published
Dec 19, 2022
In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught...
Moderate
Unreviewed
CVE-2022-20500
was published
Dec 13, 2022
Uncaptured exceptions in the home screen module. Successful exploitation of this vulnerability...
Moderate
Unreviewed
CVE-2022-41587
was published
Oct 14, 2022
In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop...
Moderate
Unreviewed
CVE-2022-20414
was published
Nov 9, 2022
ProTip!
Advisories are also available from the
GraphQL API