Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,494 advisories

Loading
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2024-12837 was published Mar 7, 2025
In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify... High Unreviewed
CVE-2024-58083 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused... High Unreviewed
CVE-2024-58072 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject struct_ops... High Unreviewed
CVE-2024-58060 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for... High Unreviewed
CVE-2022-49411 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif... High Unreviewed
CVE-2022-49489 was published Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator... High Unreviewed
CVE-2022-49694 was published Mar 6, 2025
Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who... High Unreviewed
CVE-2025-1916 was published Mar 5, 2025
In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_tx_handler... High Unreviewed
CVE-2022-49275 was published Mar 4, 2025
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix use... High Unreviewed
CVE-2022-49196 was published Mar 4, 2025
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after... High Unreviewed
CVE-2022-49114 was published Mar 4, 2025
In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list... High Unreviewed
CVE-2022-49182 was published Mar 4, 2025
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger... High Unreviewed
CVE-2025-1930 was published Mar 4, 2025
It was possible to cause a use-after-free in the content process side of a WebTransport... High Unreviewed
CVE-2025-1931 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23409 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-23414 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-24301 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-20081 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-20626 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre... Low Unreviewed
CVE-2025-20091 was published Mar 4, 2025
Memory corruption while calling the NPU driver APIs concurrently. High Unreviewed
CVE-2025-21424 was published Mar 3, 2025
Memory corruption while processing command in Glink linux. High Unreviewed
CVE-2024-43057 was published Mar 3, 2025
Memory corruption may occur while accessing a variable during extended back to back tests. High Unreviewed
CVE-2024-53023 was published Mar 3, 2025
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. High Unreviewed
CVE-2024-45580 was published Mar 3, 2025
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization. High Unreviewed
CVE-2024-43062 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database