Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,064
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

75 advisories

Loading
Vyper: reversed order of side effects for some operations Moderate
CVE-2023-40015 was published for vyper (pip) Sep 4, 2023
trocher
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update... High Unreviewed
CVE-2023-41376 was published Aug 29, 2023
Insufficient control flow management in the Hyperscan Library maintained by Intel(R) before... Moderate Unreviewed
CVE-2023-28711 was published Aug 11, 2023
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log Moderate
CVE-2023-39152 was published for org.jenkins-ci.plugins:gradle (Maven) Jul 26, 2023
Vyper's nonpayable default functions are sometimes payable Moderate
CVE-2023-32675 was published for vyper (pip) May 22, 2023
trocher
Incorrect success value returned in vyper High
CVE-2023-30629 was published for vyper (pip) Apr 24, 2023
algys pavelvm5
An issue was discovered in ONOS 2.5.1. Modification of an existing intent to have the same source... High Unreviewed
CVE-2022-29607 was published Apr 20, 2023
An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the... Moderate Unreviewed
CVE-2022-29609 was published Apr 20, 2023
An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of... High Unreviewed
CVE-2022-29605 was published Apr 20, 2023
Memory corruption in modem due to improper input validation while handling the incoming CoAP message Critical Unreviewed
CVE-2022-25745 was published Apr 13, 2023
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will... High Unreviewed
CVE-2023-1668 was published Apr 11, 2023
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2... Moderate Unreviewed
CVE-2022-26841 was published Feb 16, 2023
Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools... High Unreviewed
CVE-2022-27808 was published Feb 16, 2023
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before... High Unreviewed
CVE-2022-36278 was published Feb 16, 2023
In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically... High Unreviewed
CVE-2023-20921 was published Jan 26, 2023
In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a... High Unreviewed
CVE-2023-20915 was published Jan 26, 2023
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs Moderate
CVE-2022-41884 was published for tensorflow (pip) Nov 21, 2022
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm) Moderate
CVE-2022-39354 was published for evm (Rust) Oct 25, 2022
Solana Pay Vulnerable to Weakness in Transfer Validation Logic Moderate
CVE-2022-35917 was published for @solana/pay (npm) Aug 6, 2022
cmowenby
Incorrect handling of invalid surrogate pair characters High
CVE-2022-31116 was published for ujson (pip) Jul 5, 2022
JustAnotherArchivist the-bumble
Multiple evaluation of contract address in call in vyper High
CVE-2022-29255 was published for vyper (pip) Jun 6, 2022
bson-objectid contains Improper input validation High
CVE-2019-19729 was published for bson-objectid (npm) May 24, 2022
** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency,... Moderate Unreviewed
CVE-2021-43979 was published May 24, 2022
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco... High Unreviewed
CVE-2021-34767 was published May 24, 2022
In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state... High Unreviewed
CVE-2021-0517 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database