GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
173 advisories
Filter by severity
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and...
Moderate
Unreviewed
CVE-2024-20506
was published
Sep 5, 2024
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to...
Moderate
Unreviewed
CVE-2024-42411
was published
Aug 22, 2024
Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network...
Moderate
Unreviewed
CVE-2024-21806
was published
Aug 14, 2024
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an...
Moderate
Unreviewed
CVE-2024-7006
was published
Aug 12, 2024
Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling
Moderate
CVE-2024-39832
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
ice: Fix improper extts...
Moderate
Unreviewed
CVE-2024-42139
was published
Jul 30, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)...
Moderate
Unreviewed
CVE-2024-39561
was published
Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
tracing/probes: fix error...
Moderate
Unreviewed
CVE-2024-36481
was published
Jun 21, 2024
socket.io has an unhandled 'error' event
Moderate
CVE-2024-38355
was published
for
socket.io
(npm)
Jun 19, 2024
Tor path lengths too short when "full Vanguards" configured
Moderate
CVE-2024-35313
was published
for
arti
(Rust)
May 18, 2024
Mattermost crashes web clients via a malformed custom status
Moderate
CVE-2024-4182
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address...
Moderate
Unreviewed
CVE-2024-30402
was published
Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding...
Moderate
Unreviewed
CVE-2024-30384
was published
Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of...
Moderate
Unreviewed
CVE-2024-30409
was published
Apr 12, 2024
In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead...
Moderate
Unreviewed
CVE-2023-52534
was published
Apr 8, 2024
glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling...
Moderate
Unreviewed
CVE-2023-45922
was published
Mar 27, 2024
In pq, there is a possible write-what-where condition due to an incorrect bounds check. This...
Moderate
Unreviewed
CVE-2024-20037
was published
Mar 4, 2024
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix panic during...
Moderate
Unreviewed
CVE-2021-47007
was published
Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved:
ARM: footbridge: fix PCI...
Moderate
Unreviewed
CVE-2021-46909
was published
Feb 27, 2024
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and...
Moderate
Unreviewed
CVE-2023-6640
was published
Feb 21, 2024
The incorrect object was checked for NULL in the built-in profiler, potentially leading to...
Moderate
Unreviewed
CVE-2024-1556
was published
Feb 20, 2024
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to...
Moderate
Unreviewed
CVE-2024-25739
was published
Feb 12, 2024
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in...
Moderate
Unreviewed
CVE-2023-52429
was published
Feb 12, 2024
moby docker daemon crash during image pull of malicious image
Moderate
CVE-2021-21285
was published
for
github.com/moby/moby
(Go)
Jan 31, 2024
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Moderate
CVE-2024-23650
was published
for
github.com/moby/buildkit
(Go)
Jan 31, 2024
ProTip!
Advisories are also available from the
GraphQL API