Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

439 advisories

Loading
coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not block multiple Content... Critical Unreviewed
CVE-2023-38199 was published Jul 13, 2023
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201... High Unreviewed
CVE-2023-37376 was published Jul 11, 2023
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions.... Critical Unreviewed
CVE-2022-48511 was published Jul 6, 2023
In ion, there is a possible out of bounds read due to type confusion. This could lead to local... Moderate Unreviewed
CVE-2023-20768 was published Jul 4, 2023
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to... High Unreviewed
CVE-2023-3420 was published Jun 26, 2023
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and... High Unreviewed
CVE-2023-32439 was published Jun 23, 2023
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and... High Unreviewed
CVE-2023-27930 was published Jun 23, 2023
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently... Moderate Unreviewed
CVE-2023-3022 was published Jun 19, 2023
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to... High Unreviewed
CVE-2023-3216 was published Jun 13, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local... Moderate Unreviewed
CVE-2023-20747 was published Jun 6, 2023
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to... High Unreviewed
CVE-2023-3079 was published Jun 6, 2023
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic... High Unreviewed
CVE-2023-28162 was published Jun 2, 2023
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to... High Unreviewed
CVE-2023-2936 was published May 31, 2023
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to... High Unreviewed
CVE-2023-2935 was published May 31, 2023
OX App Suite before backend 7.10.6-rev37 allows authenticated users to change the appointments of... Moderate Unreviewed
CVE-2023-24599 was published May 29, 2023
An error in Hermes' algorithm for copying objects properties prior to commit... Critical Unreviewed
CVE-2023-23557 was published May 19, 2023
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could... Critical Unreviewed
CVE-2023-25933 was published May 19, 2023
Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to... High Unreviewed
CVE-2023-2724 was published May 16, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local... Moderate Unreviewed
CVE-2023-20673 was published May 16, 2023
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate... Critical Unreviewed
CVE-2021-33970 was published Apr 20, 2023
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to... High Unreviewed
CVE-2023-2033 was published Apr 14, 2023
An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in... High Unreviewed
CVE-2021-46878 was published Apr 11, 2023
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. Critical Unreviewed
CVE-2023-26063 was published Apr 10, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-37377 was published Mar 29, 2023
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the... High Unreviewed
CVE-2023-1077 was published Mar 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database