Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,123 advisories

Loading
In ccci, there is a possible out of bounds write due to improper input validation. This could... Moderate Unreviewed
CVE-2022-32634 was published Dec 5, 2022
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could... Moderate Unreviewed
CVE-2022-32631 was published Dec 5, 2022
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could... Moderate Unreviewed
CVE-2022-32632 was published Dec 5, 2022
LMDeploy Improper Input Validation Vulnerability Moderate
CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025
protobuf-java has potential Denial of Service issue High
CVE-2024-7254 was published for com.google.protobuf:protobuf-java (RubyGems) Sep 19, 2024
tar-split memory exhaustion Moderate
CVE-2017-14992 was published for github.com/vbatts/tar-split (Go) May 17, 2022
Apache Struts forced double OGNL evaluation High
CVE-2016-4461 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
Memory corruption in SPI buses due to improper input validation while reading address... High Unreviewed
CVE-2022-25698 was published Dec 13, 2022
An issue in code signature validation was addressed with improved checks. This issue is fixed in... Moderate Unreviewed
CVE-2022-42793 was published Nov 2, 2022
Memory corruption in i2c buses due to improper input validation while reading address... High Unreviewed
CVE-2022-25697 was published Dec 13, 2022
OpenFlow plugin for OpenDaylight LLDP Relay High
CVE-2015-1612 was published for org.opendaylight.openflowplugin:openflowplugin (Maven) May 17, 2022
OpenFlow plugin for OpenDaylight allows spoofing the SDN topology High
CVE-2015-1611 was published for org.opendaylight.openflowplugin:openflowplugin (Maven) May 17, 2022
WithSecure DeepGuard 6 allows attackers to affect confidentiality, availability, and/or integrity. High Unreviewed
CVE-2022-45871 was published Dec 13, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7... High Unreviewed
CVE-2022-42800 was published Nov 2, 2022
Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if... Unknown Unreviewed
CVE-2025-26413 was published Apr 22, 2025
An issue existed in the parsing of URLs. This issue was addressed with improved input validation.... Critical Unreviewed
CVE-2022-42837 was published Dec 15, 2022
In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds... Moderate Unreviewed
CVE-2022-20569 was published Dec 21, 2022
In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible... High Unreviewed
CVE-2022-20507 was published Dec 20, 2022
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
An improper input validation vulnerability is identified in the End of Life (EOL) OVA based... Moderate Unreviewed
CVE-2025-3837 was published Apr 21, 2025
In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The... High Unreviewed
CVE-2017-15667 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10... Moderate Unreviewed
CVE-2017-7154 was published May 14, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0... High Unreviewed
CVE-2017-12736 was published May 13, 2022
An issue was discovered in Enigmail before 1.9.9. Regular expressions are exploitable for Denial... High Unreviewed
CVE-2017-17846 was published May 14, 2022
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero... High Unreviewed
CVE-2017-17805 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database