Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,669
Erlang
34
GitHub Actions
26
Go
2,262
Maven
5,000+
npm
3,912
NuGet
705
pip
3,681
Pub
12
RubyGems
916
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP... Moderate Unreviewed
CVE-2022-0322 was published Mar 26, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to... Moderate Unreviewed
CVE-2022-21786 was published Jul 7, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override... Moderate Unreviewed
CVE-2020-13293 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25177 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25175 was published May 24, 2022
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the... Moderate Unreviewed
CVE-2021-28275 was published Mar 24, 2022
Invalid char to bool conversion when printing a tensor Moderate
CVE-2022-41911 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail in `BCast` overflow Moderate
CVE-2022-41890 was published for tensorflow (pip) Nov 21, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast... Moderate Unreviewed
CVE-2011-0482 was published May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast... Moderate Unreviewed
CVE-2011-0483 was published May 13, 2022
Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction... Moderate Unreviewed
CVE-2011-1799 was published May 13, 2022
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable... Moderate Unreviewed
CVE-2011-3027 was published May 13, 2022
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during... Moderate Unreviewed
CVE-2011-3037 was published May 13, 2022
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable... Moderate Unreviewed
CVE-2011-1200 was published May 13, 2022
Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable... Moderate Unreviewed
CVE-2011-1441 was published May 13, 2022
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable... Moderate Unreviewed
CVE-2011-3036 was published May 13, 2022
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006... Moderate Unreviewed
CVE-2018-12793 was published May 14, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2019-12693 was published May 24, 2022
Devise does not properly perform type conversion when performing database queries Moderate
CVE-2013-0233 was published for devise (RubyGems) Oct 24, 2017
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare... Moderate Unreviewed
CVE-2019-6147 was published May 24, 2022
Mattermost Mobile versions <= 2.22.0 fail to properly validate the style of proto supplied to an... Moderate Unreviewed
CVE-2025-20072 was published Jan 16, 2025
Mattermost Incorrect Type Conversion or Cast Moderate
CVE-2025-21088 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. Moderate Unreviewed
CVE-2024-21478 was published Jun 3, 2024
Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0 Moderate
CVE-2025-1057 was published for keylime (pip) Feb 14, 2025
ansasaki
OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter... Moderate Unreviewed
CVE-2024-36735 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database