Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,288 advisories

Loading
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or... High Unreviewed
CVE-2023-6478 was published Dec 13, 2023
Windows Sysmain Service Elevation of Privilege High Unreviewed
CVE-2023-35644 was published Dec 12, 2023
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code... High Unreviewed
CVE-2023-5869 was published Dec 10, 2023
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase... High Unreviewed
CVE-2023-48409 was published Dec 8, 2023
Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera... Moderate Unreviewed
CVE-2023-42563 was published Dec 5, 2023
Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of... Moderate Unreviewed
CVE-2023-42562 was published Dec 5, 2023
Memory corruption while using the UIM diag command to get the operators name. High Unreviewed
CVE-2023-33018 was published Dec 5, 2023
Memory corruption in HLOS while invoking IOCTL calls from user-space. High Unreviewed
CVE-2023-33022 was published Dec 5, 2023
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. High Unreviewed
CVE-2023-33107 was published Dec 5, 2023
Transient DOS in Bluetooth Host while rfc slot allocation. High Unreviewed
CVE-2023-28588 was published Dec 5, 2023
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who... Critical Unreviewed
CVE-2023-6345 was published Nov 29, 2023
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the... High Unreviewed
CVE-2023-4398 was published Nov 28, 2023
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on... High Unreviewed
CVE-2021-27504 was published Nov 21, 2023
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid... High Unreviewed
CVE-2021-27502 was published Nov 21, 2023
Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values.... High Unreviewed
CVE-2021-27429 was published Nov 20, 2023
Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a... High Unreviewed
CVE-2021-22636 was published Nov 20, 2023
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an... Moderate Unreviewed
CVE-2023-22305 was published Nov 14, 2023
A local non-privileged user can make improper GPU memory processing operations to gain access to... High Unreviewed
CVE-2023-4295 was published Nov 14, 2023
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to... High Unreviewed
CVE-2023-5849 was published Nov 1, 2023
In Secure Element, there is a possible out of bounds write due to an integer overflow. This could... Moderate Unreviewed
CVE-2023-21371 was published Oct 30, 2023
In the Security Element API, there is a possible out of bounds write due to an integer overflow.... Moderate Unreviewed
CVE-2023-21370 was published Oct 30, 2023
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead... High Unreviewed
CVE-2023-21375 was published Oct 30, 2023
An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and... High Unreviewed
CVE-2023-42295 was published Oct 23, 2023
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded... High Unreviewed
CVE-2023-3487 was published Oct 20, 2023
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A... High Unreviewed
CVE-2023-38127 was published Oct 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database