Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability Critical
GHSA-8rxm-6783-qh55 was published for System.Formats.Nrbf (NuGet) Nov 12, 2024 withdrawn
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an... Critical Unreviewed
CVE-2024-8385 was published Sep 3, 2024
A potentially exploitable type confusion could be triggered when looking up a property name on an... Critical Unreviewed
CVE-2024-8381 was published Sep 3, 2024
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
In venc, there is a possible out of bounds write due to type confusion. This could lead to local... Critical Unreviewed
CVE-2024-20078 was published Jul 1, 2024
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x... Critical Unreviewed
CVE-2023-42464 was published Sep 20, 2023
Prototype Pollution in immer Critical
CVE-2021-23436 was published for immer (npm) Sep 2, 2021
levpachmanov
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. Critical Unreviewed
CVE-2023-26063 was published Apr 10, 2023
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in ... Critical Unreviewed
CVE-2023-43154 was published Sep 27, 2023
In multiple locations, there is a possible code execution due to type confusion. This could lead... Critical Unreviewed
CVE-2023-21287 was published Aug 15, 2023
coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not block multiple Content... Critical Unreviewed
CVE-2023-38199 was published Jul 13, 2023
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions.... Critical Unreviewed
CVE-2022-48511 was published Jul 6, 2023
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could... Critical Unreviewed
CVE-2023-25933 was published May 19, 2023
An error in Hermes' algorithm for copying objects properties prior to commit... Critical Unreviewed
CVE-2023-23557 was published May 19, 2023
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate... Critical Unreviewed
CVE-2021-33970 was published Apr 20, 2023
Rust Failure Crate Vulnerable to Type confusion Critical
CVE-2019-25010 was published for failure (Rust) Aug 25, 2021
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Unsafe fall-through in getWhereConditions Critical
CVE-2023-22579 was published for @sequelize/core (npm) Feb 23, 2023
Firebase PHP-JWT key/algorithm type confusion Critical
CVE-2021-46743 was published for firebase/php-jwt (Composer) Mar 30, 2022
llupa
njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a... Critical Unreviewed
CVE-2021-46463 was published Feb 15, 2022
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in... Critical Unreviewed
CVE-2021-24045 was published Dec 14, 2021
Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of... Critical Unreviewed
CVE-2019-10231 was published May 13, 2022
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS... Critical Unreviewed
CVE-2021-1829 was published May 24, 2022
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz... Critical Unreviewed
CVE-2021-23908 was published May 24, 2022
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion... Critical Unreviewed
CVE-2018-4920 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database