Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

499 advisories

Loading
ChakraCore RCE Vulnerability High
CVE-2018-8298 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8291 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8229 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8133 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who... High Unreviewed
CVE-2023-0703 was published Feb 7, 2023
Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker... High Unreviewed
CVE-2023-0702 was published Feb 7, 2023
Cross-site Scripting in edge.js Moderate
CVE-2021-23443 was published for edge.js (npm) Sep 22, 2021
Prototype Pollution in object-path Moderate
CVE-2021-23434 was published for object-path (npm) Sep 1, 2021
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2023-23529 was published Feb 27, 2023
Nokogiri implementation of libxslt vulnerable to heap corruption High
CVE-2019-5815 was published for nokogiri (RubyGems) May 24, 2022
In the code that verifies the file size in the ark library, it is possible to manipulate the... High Unreviewed
CVE-2021-26635 was published Jun 3, 2022
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to... High Unreviewed
CVE-2022-1134 was published Jul 24, 2022
Windows Defender Credential Guard Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-34709 was published Aug 10, 2022
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari... High Unreviewed
CVE-2022-42856 was published Dec 15, 2022
Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to... High Unreviewed
CVE-2022-3723 was published Nov 2, 2022
Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug... Moderate Unreviewed
CVE-2021-44647 was published Jan 12, 2022
A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0... Moderate Unreviewed
CVE-2023-1076 was published Mar 27, 2023
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a... Moderate Unreviewed
CVE-2023-23454 was published Jan 12, 2023
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause... Moderate Unreviewed
CVE-2023-23455 was published Jan 12, 2023
Duplicate advisory: Sequelize - Unsafe fall-through in getWhereConditions High
GHSA-r3vq-92c6-3mqf was published for @sequelize/core (npm) Feb 16, 2023 withdrawn
In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type... Moderate Unreviewed
CVE-2023-21056 was published Mar 24, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37377 was published Mar 29, 2023
Ambiguous OCI manifest parsing Low
GHSA-5j5w-g665-5m35 was published for github.com/containerd/containerd (Go) Nov 18, 2021
tdunlap607
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7... Moderate Unreviewed
CVE-2023-0083 was published Mar 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database