Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

45 advisories

Loading
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. Critical Unreviewed
CVE-2023-26063 was published Apr 10, 2023
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate... Critical Unreviewed
CVE-2021-33970 was published Apr 20, 2023
An error in Hermes' algorithm for copying objects properties prior to commit... Critical Unreviewed
CVE-2023-23557 was published May 19, 2023
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could... Critical Unreviewed
CVE-2023-25933 was published May 19, 2023
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions.... Critical Unreviewed
CVE-2022-48511 was published Jul 6, 2023
coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not block multiple Content... Critical Unreviewed
CVE-2023-38199 was published Jul 13, 2023
In multiple locations, there is a possible code execution due to type confusion. This could lead... Critical Unreviewed
CVE-2023-21287 was published Aug 15, 2023
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x... Critical Unreviewed
CVE-2023-42464 was published Sep 20, 2023
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in ... Critical Unreviewed
CVE-2023-43154 was published Sep 27, 2023
libxmljs vulnerable to type confusion when parsing specially crafted XML Critical
CVE-2024-34392 was published for libxmljs (npm) May 2, 2024
libxmljs vulnerable to type confusion when parsing specially crafted XML Critical
CVE-2024-34391 was published for libxmljs (npm) May 2, 2024
libxmljs2 type confusion vulnerability when parsing specially crafted XML Critical
CVE-2024-34393 was published for libxmljs2 (npm) May 2, 2024
libxmljs2 vulnerable to type confusion when parsing specially crafted XML Critical
CVE-2024-34394 was published for libxmljs2 (npm) May 2, 2024
macariomartins
In venc, there is a possible out of bounds write due to type confusion. This could lead to local... Critical Unreviewed
CVE-2024-20078 was published Jul 1, 2024
A potentially exploitable type confusion could be triggered when looking up a property name on an... Critical Unreviewed
CVE-2024-8381 was published Sep 3, 2024
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an... Critical Unreviewed
CVE-2024-8385 was published Sep 3, 2024
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability Critical
GHSA-8rxm-6783-qh55 was published for System.Formats.Nrbf (NuGet) Nov 12, 2024 withdrawn
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed
CVE-2018-9471 was published Nov 20, 2024
A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed
CVE-2024-24421 was published Jan 22, 2025
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau... Critical Unreviewed
CVE-2025-26496 was published Aug 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database