GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
23 advisories
Filter by severity
Devise does not properly perform type conversion when performing database queries
Moderate
CVE-2013-0233
was published
for
devise
(RubyGems)
Oct 24, 2017
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the...
Moderate
Unreviewed
CVE-2021-28275
was published
Mar 24, 2022
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP...
Moderate
Unreviewed
CVE-2022-0322
was published
Mar 26, 2022
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows...
Moderate
Unreviewed
CVE-2016-7156
was published
May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast...
Moderate
Unreviewed
CVE-2011-0482
was published
May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast...
Moderate
Unreviewed
CVE-2011-0483
was published
May 13, 2022
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable...
Moderate
Unreviewed
CVE-2011-1200
was published
May 13, 2022
Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction...
Moderate
Unreviewed
CVE-2011-1799
was published
May 13, 2022
Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable...
Moderate
Unreviewed
CVE-2011-1441
was published
May 13, 2022
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable...
Moderate
Unreviewed
CVE-2011-3036
was published
May 13, 2022
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable...
Moderate
Unreviewed
CVE-2011-3027
was published
May 13, 2022
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during...
Moderate
Unreviewed
CVE-2011-3037
was published
May 13, 2022
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006...
Moderate
Unreviewed
CVE-2018-12793
was published
May 14, 2022
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10...
Moderate
Unreviewed
CVE-2017-13855
was published
May 14, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2019-12693
was published
May 24, 2022
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare...
Moderate
Unreviewed
CVE-2019-6147
was published
May 24, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override...
Moderate
Unreviewed
CVE-2020-13293
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25175
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25177
was published
May 24, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to...
Moderate
Unreviewed
CVE-2022-21786
was published
Jul 7, 2022
`CHECK` fail in `BCast` overflow
Moderate
CVE-2022-41890
was published
for
tensorflow
(pip)
Nov 21, 2022
Invalid char to bool conversion when printing a tensor
Moderate
CVE-2022-41911
was published
for
tensorflow
(pip)
Nov 21, 2022
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.
Moderate
Unreviewed
CVE-2024-21478
was published
Jun 3, 2024
ProTip!
Advisories are also available from the
GraphQL API