Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,296
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

199 advisories

Loading
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL... High Unreviewed
CVE-2024-45548 was published Jan 6, 2025
Information disclosure while invoking callback function of sound model driver from ADSP for every... Moderate Unreviewed
CVE-2024-33067 was published Jan 6, 2025
Information disclosure while processing IOCTL call made for releasing a trusted VM process... Moderate Unreviewed
CVE-2024-33061 was published Jan 6, 2025
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the... High Unreviewed
CVE-2024-45558 was published Jan 6, 2025
Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. Moderate Unreviewed
CVE-2024-45559 was published Jan 6, 2025
information disclosure while invoking the mailbox read API. Moderate Unreviewed
CVE-2024-43063 was published Jan 6, 2025
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. High Unreviewed
CVE-2024-45546 was published Jan 6, 2025
Information Disclosure while invoking the mailbox write API when message received from user is... Moderate Unreviewed
CVE-2024-23366 was published Jan 6, 2025
Windows Common Log File System Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49088 was published Dec 12, 2024
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver... Moderate Unreviewed
CVE-2024-33037 was published Dec 2, 2024
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. High Unreviewed
CVE-2024-33056 was published Dec 2, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory... Low Unreviewed
CVE-2024-42333 was published Nov 27, 2024
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while... High Unreviewed
CVE-2018-5852 was published Nov 26, 2024
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to... Critical Unreviewed
CVE-2017-17772 was published Nov 26, 2024
Microsoft Office Graphics Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49031 was published Nov 12, 2024
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated... Moderate Unreviewed
CVE-2024-9843 was published Nov 12, 2024
Transient DOS while processing the CU information from RNR IE. High Unreviewed
CVE-2024-38405 was published Nov 4, 2024
Transient DOS while parsing BTM ML IE when per STA profile is not included. High Unreviewed
CVE-2024-38403 was published Nov 4, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-43595 was published Oct 18, 2024
Windows Resilient File System (ReFS) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-43500 was published Oct 8, 2024
Information disclosure while parsing the multiple MBSSID IEs from the beacon. High Unreviewed
CVE-2024-33064 was published Oct 7, 2024
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of... High Unreviewed
CVE-2024-33073 was published Oct 7, 2024
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. High Unreviewed
CVE-2024-33071 was published Oct 7, 2024
Transient DOS while parsing probe response and assoc response frame. High Unreviewed
CVE-2024-38397 was published Oct 7, 2024
Transient DOS while parsing ESP IE from beacon/probe response frame. High Unreviewed
CVE-2024-33070 was published Oct 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database