Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32954 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32474 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32955 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32473 was published Feb 15, 2023
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe... High Unreviewed
CVE-2022-32471 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32478 was published Feb 15, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-44670 was published Dec 13, 2022
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection... High Unreviewed
CVE-2022-33257 was published Mar 10, 2023
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle... High Unreviewed
CVE-2019-1065 was published May 24, 2022
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs High
CVE-2021-30465 was published for github.com/opencontainers/runc (Go) May 25, 2021
champtar
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to... High Unreviewed
CVE-2019-11774 was published May 24, 2022
Race Condition in Grunt High
CVE-2022-1537 was published for grunt (npm) May 11, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of... High Unreviewed
CVE-2022-36980 was published Mar 29, 2023
arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD... High Unreviewed
CVE-2021-29657 was published May 24, 2022
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10... High Unreviewed
CVE-2019-7307 was published May 24, 2022
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU)... High Unreviewed
CVE-2023-38041 was published Oct 25, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin... High Unreviewed
CVE-2022-3701 was published Oct 27, 2023
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3... High Unreviewed
CVE-2022-3702 was published Oct 27, 2023
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in... High Unreviewed
CVE-2023-1295 was published Jun 28, 2023
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability High
CVE-2023-43741 was published for github.com/buildkite/elastic-ci-stack-for-aws/v6 (Go) Dec 22, 2023
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed
CVE-2020-1337 was published May 24, 2022
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of... High Unreviewed
CVE-2023-2007 was published Apr 25, 2023
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated,... High Unreviewed
CVE-2023-20135 was published Sep 13, 2023
Memory corruption in Trusted Execution Environment while deinitializing an object used for... High Unreviewed
CVE-2023-33046 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database