GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Filter by severity
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate
Unreviewed
CVE-2024-20106
was published
Nov 4, 2024
marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers to cause...
Moderate
Unreviewed
CVE-2023-50433
was published
Apr 30, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7825
was published
Oct 3, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7824
was published
Oct 3, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43596
was published
Oct 18, 2024
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)...
Moderate
Unreviewed
CVE-2021-31344
was published
May 24, 2022
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
Moderate
Unreviewed
CVE-2024-38207
was published
Aug 24, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43489
was published
Sep 19, 2024
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When...
Moderate
Unreviewed
CVE-2023-34967
was published
Jul 20, 2023
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16...
Moderate
Unreviewed
CVE-2024-40788
was published
Jul 30, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-38219
was published
Aug 12, 2024
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2020-6418
was published
May 24, 2022
In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used...
Moderate
Unreviewed
CVE-2024-0042
was published
May 7, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a...
Moderate
Unreviewed
CVE-2024-5843
was published
Jun 11, 2024
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30034
was published
May 14, 2024
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20662
was published
Jan 9, 2024
Type confusion vulnerability in the distributed file module.Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-44094
was published
Oct 11, 2023
In ion, there is a possible out of bounds read due to type confusion. This could lead to local...
Moderate
Unreviewed
CVE-2023-20768
was published
Jul 4, 2023
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently...
Moderate
Unreviewed
CVE-2023-3022
was published
Jun 19, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local...
Moderate
Unreviewed
CVE-2023-20747
was published
Jun 6, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local...
Moderate
Unreviewed
CVE-2023-20673
was published
May 16, 2023
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a...
Moderate
Unreviewed
CVE-2019-19391
was published
May 24, 2022
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user...
Moderate
Unreviewed
CVE-2023-4194
was published
Aug 7, 2023
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead...
Moderate
Unreviewed
CVE-2024-20010
was published
Feb 5, 2024
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead...
Moderate
Unreviewed
CVE-2024-20012
was published
Feb 5, 2024
ProTip!
Advisories are also available from the
GraphQL API