Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
Sensitive Data Exposure in msrcrypto Critical
CVE-2018-8319 was published for msrcrypto (npm) Sep 10, 2018
Incorrect Calculation in bigint-money Low
GHSA-9r3m-mhfm-39cm was published for bigint-money (npm) Sep 11, 2020
Incorrect Calculation and Use of Insufficiently Random Values in Python Moderate Unreviewed
CVE-2020-14422 was published May 11, 2021
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Incorrect TCR calculation in batchLiquidateTroves() during Recovery Mode Low
GHSA-xh2p-7p87-fhgh was published for @liquity/contracts (npm) Aug 5, 2021
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607
missing clamps for decimal args in external functions Moderate
CVE-2021-41122 was published for vyper (pip) Oct 6, 2021
Segfault due to negative splits in `SplitV` Moderate
CVE-2021-41222 was published for tensorflow (pip) Nov 10, 2021
Incorrect Calculation in the MSR JavaScript Cryptography Library High
CVE-2020-1026 was published for msrcrypto (npm) Jan 6, 2022
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all... Moderate Unreviewed
CVE-2022-23028 was published Jan 26, 2022
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,... High Unreviewed
CVE-2022-23011 was published Jan 26, 2022
Incorrect Calculation in github.com/open-policy-agent/opa Moderate
CVE-2022-23628 was published for github.com/open-policy-agent/opa (Go) Feb 9, 2022
johanneslarsson
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts... High Unreviewed
CVE-2021-45960 was published Feb 10, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44504 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44491 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44490 was published Apr 16, 2022
STB v2.27 was discovered to contain an integer shift of invalid size in the component... High Unreviewed
CVE-2022-28048 was published Apr 16, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... High Unreviewed
CVE-2022-26517 was published May 6, 2022
Incorrect Calculation in solana_rbpf Critical
CVE-2022-23066 was published for solana_rbpf (Rust) May 10, 2022
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel... Moderate Unreviewed
CVE-2022-29978 was published May 12, 2022
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote... Moderate Unreviewed
CVE-2016-7433 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan... High Unreviewed
CVE-2018-18225 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database