GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
176 advisories
CVE-2021-39647 (Moderate, Unreviewed), published Dec 16, 2021: In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a...
CVE-2022-20016 (Moderate, Unreviewed), published Jan 5, 2022: In vow driver, there is a possible memory corruption due to improper locking. This could lead to...
CVE-2021-20315 (Moderate, Unreviewed), published Feb 19, 2022: A locking protection bypass flaw was found in some versions of gnome-shell as shipped within...
CVE-2021-3667 (Moderate, Unreviewed), published Mar 4, 2022: An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It...
CVE-2021-4149 (Moderate, Unreviewed), published Mar 24, 2022: A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due...
CVE-2022-0897 (Moderate, Unreviewed), published Mar 26, 2022: A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method...
CVE-2021-4147 (Moderate, Unreviewed), published Mar 26, 2022: A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself...
CVE-2022-26356 (Moderate, Unreviewed), published Apr 6, 2022: Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log...
CVE-2004-0174 (Moderate, Unreviewed), published Apr 29, 2022: Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on...
CVE-2000-0338 (Moderate, Unreviewed), published Apr 30, 2022: Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which...
CVE-2002-0051 (Moderate, Unreviewed), published Apr 30, 2022: Windows 2000 allows local users to prevent the application of new group policy settings by...
CVE-2002-1850 (Moderate, Unreviewed), published Apr 30, 2022: mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a...
CVE-2005-3847 (Moderate, Unreviewed), published May 1, 2022: The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2...
CVE-2006-2275 (Moderate, Unreviewed), published May 1, 2022: Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock)...
CVE-2006-4342 (Moderate, Unreviewed), published May 1, 2022: The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to...
CVE-2008-4302 (Moderate, Unreviewed), published May 2, 2022: fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle...
CVE-2009-0935 (Moderate, Unreviewed), published May 2, 2022: The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29...
CVE-2009-1388 (Moderate, Unreviewed), published May 2, 2022: The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle...
CVE-2009-2699 (Moderate, Unreviewed), published May 2, 2022: The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable...
CVE-2009-2857 (Moderate, Unreviewed), published May 2, 2022: The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle...
CVE-2018-0381 (Moderate, Unreviewed), published May 13, 2022: A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an...
CVE-2019-3901 (Moderate, Unreviewed), published May 24, 2022: A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid...
CVE-2019-1732 (Moderate, Unreviewed), published May 24, 2022: A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow...
CVE-2019-14763 (Moderate, Unreviewed), published May 24, 2022: In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may...
CVE-2019-17343 (Moderate, Unreviewed), published May 24, 2022: An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of...
ProTip! Advisories are also available from the GraphQL API.