GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
133 advisories
A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in...
Moderate | Unreviewed | CVE-2023-2430 was published Jul 23, 2023

A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to...
Moderate | Unreviewed | CVE-2023-0160 was published Jul 18, 2023

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local...
Moderate | Unreviewed | CVE-2023-20746 was published Jun 6, 2023

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local...
Moderate | Unreviewed | CVE-2023-20743 was published Jun 6, 2023

In vcu, there is a possible use after free due to improper locking. This could lead to local...
Moderate | Unreviewed | CVE-2023-20737 was published Jun 6, 2023

In vcu, there is a possible use after free due to improper locking. This could lead to local...
Moderate | Unreviewed | CVE-2023-20733 was published Jun 6, 2023

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained...
Moderate | Unreviewed | CVE-2023-2612 was published May 31, 2023

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself...
Moderate | Unreviewed | CVE-2021-4147 was published Mar 26, 2022

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method...
Moderate | Unreviewed | CVE-2022-0897 was published Mar 26, 2022

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle...
Moderate | Unreviewed | CVE-2008-4302 was published May 2, 2022

The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to...
Moderate | Unreviewed | CVE-2006-4342 was published May 1, 2022

The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable...
Moderate | Unreviewed | CVE-2009-2699 was published May 2, 2022

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle...
Moderate | Unreviewed | CVE-2009-1388 was published May 2, 2022

The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2...
Moderate | Unreviewed | CVE-2005-3847 was published May 1, 2022

Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on...
Moderate | Unreviewed | CVE-2004-0174 was published Apr 29, 2022

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock)...
Moderate | Unreviewed | CVE-2006-2275 was published May 1, 2022

Windows 2000 allows local users to prevent the application of new group policy settings by...
Moderate | Unreviewed | CVE-2002-0051 was published Apr 30, 2022

The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle...
Moderate | Unreviewed | CVE-2009-2857 was published May 2, 2022

A denial of service problem was found, due to a possible recursive locking scenario, resulting in...
Moderate | Unreviewed | CVE-2023-2269 was published Apr 25, 2023

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29...
Moderate | Unreviewed | CVE-2009-0935 was published May 2, 2022

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a...
Moderate | Unreviewed | CVE-2002-1850 was published Apr 30, 2022

Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which...
Moderate | Unreviewed | CVE-2000-0338 was published Apr 30, 2022

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log...
Moderate | Unreviewed | CVE-2022-26356 was published Apr 6, 2022

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net...
Moderate | Unreviewed | CVE-2024-0639 was published Jan 17, 2024

A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the...
Moderate | Unreviewed | CVE-2024-0641 was published Jan 17, 2024
ProTip! Advisories are also available from the GraphQL API.