GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
206 advisories
Filter by severity
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High
Unreviewed
CVE-2024-39589
was published
Sep 18, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High
Unreviewed
CVE-2024-39590
was published
Sep 18, 2024
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy...
Low
Unreviewed
CVE-2024-26015
was published
Jul 9, 2024
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the...
High
Unreviewed
CVE-2017-0037
was published
May 17, 2022
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via ...
High
Unreviewed
CVE-2017-8291
was published
May 14, 2022
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage...
High
Unreviewed
CVE-2024-28130
was published
Apr 23, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302...
High
Unreviewed
CVE-2024-35303
was published
Jun 11, 2024
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.
Moderate
Unreviewed
CVE-2024-21478
was published
Jun 3, 2024
Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution...
Unknown
Unreviewed
CVE-2024-5436
was published
May 31, 2024
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
High
Unreviewed
CVE-2023-21627
was published
Aug 8, 2023
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
High
Unreviewed
CVE-2023-33101
was published
Apr 1, 2024
Memory corruption in Graphics while importing a file.
High
Unreviewed
CVE-2023-21665
was published
May 2, 2023
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write...
High
Unreviewed
CVE-2023-21651
was published
Aug 8, 2023
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to...
High
Unreviewed
CVE-2018-6157
was published
May 24, 2022
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201...
High
Unreviewed
CVE-2023-45204
was published
Oct 10, 2023
Memory corruption in Video while calling APIs with different instance ID than the one received in...
High
Unreviewed
CVE-2023-21638
was published
Jul 4, 2023
Memory corruption in Audio due to incorrect type cast during audio use-cases.
High
Unreviewed
CVE-2022-33240
was published
Jun 6, 2023
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic...
High
Unreviewed
CVE-2023-28162
was published
Jun 2, 2023
Memory corruption due to incorrect type conversion or cast in audio while using audio playback...
High
Unreviewed
CVE-2022-33301
was published
Apr 13, 2023
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare...
Moderate
Unreviewed
CVE-2019-6147
was published
May 24, 2022
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A...
High
Unreviewed
CVE-2019-5053
was published
May 24, 2022
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl...
Critical
Unreviewed
CVE-2016-7398
was published
May 24, 2022
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue...
Critical
Unreviewed
CVE-2022-3979
was published
Nov 14, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2019-12693
was published
May 24, 2022
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of...
Critical
Unreviewed
CVE-2022-43663
was published
Mar 20, 2023
ProTip!
Advisories are also available from the
GraphQL API