GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
93 advisories
Filter by severity
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3...
High
Unreviewed
CVE-2017-4961
was published
May 13, 2022
The Lenovo Service Framework Android application uses a set of nonsecure credentials when...
High
Unreviewed
CVE-2017-3760
was published
May 13, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for...
Critical
Unreviewed
CVE-2017-15994
was published
May 13, 2022
Nimbus JOSE+JWT vulnerable to padding oracle attack
Low
CVE-2017-12973
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
May 13, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third...
High
Unreviewed
CVE-2018-6336
was published
May 13, 2022
Improper Validation of Integrity Check Value in Bouncy Castle
Moderate
CVE-2018-5382
was published
for
org.bouncycastle:bcprov-jdk15on
(Maven)
May 13, 2022
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration...
Critical
Unreviewed
CVE-2022-29898
was published
May 12, 2022
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF,...
Moderate
Unreviewed
CVE-2022-25946
was published
May 6, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed...
High
Unreviewed
CVE-2022-22781
was published
Apr 29, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by...
High
Unreviewed
CVE-2020-14120
was published
Apr 22, 2022
The DFX module has a vulnerability of improper validation of integrity check values.Successful...
High
Unreviewed
CVE-2022-22253
was published
Apr 12, 2022
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the...
Moderate
Unreviewed
CVE-2021-4148
was published
Mar 24, 2022
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP...
Moderate
Unreviewed
CVE-2021-3772
was published
Mar 4, 2022
Improper Validation of Integrity Check Value in TensorFlow
High
GHSA-43q8-3fv7-pr5x
was published
for
tensorflow
(pip)
Feb 9, 2022
Execution Control List (ECL) Is Insecure in Singularity
High
CVE-2020-13845
was published
for
github.com/sylabs/singularity
(Go)
Dec 20, 2021
An issue was discovered in Listary through 6. Improper implementation of the update process leads...
High
Unreviewed
CVE-2021-41067
was published
Dec 15, 2021
Incomplete validation of shapes in multiple TF ops
High
CVE-2021-41206
was published
for
tensorflow
(pip)
Nov 10, 2021
tlslite-ng off-by-one error on mac checking
Moderate
CVE-2018-1000159
was published
for
tlslite-ng
(pip)
Jul 12, 2018
ProTip!
Advisories are also available from the
GraphQL API