GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
115 advisories
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac,...
Moderate | Unreviewed | CVE-2017-5094 was published May 13, 2022

Passing in a non-string 'html' argument can lead to unsanitized output
Moderate | CVE-2021-32696 was published for striptags (npm) Jun 18, 2021

Prototype Pollution in json-ptr
Moderate | CVE-2021-23509 was published for json-ptr (npm) Nov 8, 2021

Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing...
Moderate | Unreviewed | CVE-2011-2875 was published May 13, 2022

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13...
Moderate | Unreviewed | CVE-2020-9800 was published May 24, 2022

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in...
Moderate | Unreviewed | CVE-2021-40037 was published Jan 11, 2022

The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to...
Moderate | Unreviewed | CVE-2012-4512 was published Apr 23, 2022

In ion, there is a possible out of bounds read due to type confusion. This could lead to local...
Moderate | Unreviewed | CVE-2023-20616 was published Feb 6, 2023

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who...
Moderate | Unreviewed | CVE-2023-1235 was published Mar 8, 2023

The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7...
Moderate | Unreviewed | CVE-2023-0083 was published Mar 10, 2023

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type...
Moderate | Unreviewed | CVE-2023-21056 was published Mar 24, 2023

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a...
Moderate | Unreviewed | CVE-2023-23454 was published Jan 12, 2023

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause...
Moderate | Unreviewed | CVE-2023-23455 was published Jan 12, 2023

A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0...
Moderate | Unreviewed | CVE-2023-1076 was published Mar 27, 2023

Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug...
Moderate | Unreviewed | CVE-2021-44647 was published Jan 12, 2022

Windows Defender Credential Guard Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2022-34709 was published Aug 10, 2022

Prototype Pollution in object-path
Moderate | CVE-2021-23434 was published for object-path (npm) Sep 1, 2021

Cross-site Scripting in edge.js
Moderate | CVE-2021-23443 was published for edge.js (npm) Sep 22, 2021

In vdec, there is a possible out of bounds write due to type confusion. This could lead to local...
Moderate | Unreviewed | CVE-2023-32818 was published Nov 6, 2023

in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak...
Moderate | Unreviewed | CVE-2023-46705 was published Nov 20, 2023

in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre...
Moderate | Unreviewed | CVE-2023-6045 was published Nov 20, 2023

In keyinstall, there is a possible memory corruption due to type confusion. This could lead to...
Moderate | Unreviewed | CVE-2023-32835 was published Nov 6, 2023