Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

206 advisories

Loading
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed
CVE-2024-39589 was published Sep 18, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed
CVE-2024-39590 was published Sep 18, 2024
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy... Low Unreviewed
CVE-2024-26015 was published Jul 9, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2024-35303 was published Jun 11, 2024
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. Moderate Unreviewed
CVE-2024-21478 was published Jun 3, 2024
Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution... Unknown Unreviewed
CVE-2024-5436 was published May 31, 2024
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed
CVE-2024-28130 was published Apr 23, 2024
Transient DOS while processing DL NAS TRANSPORT message with payload length 0. High Unreviewed
CVE-2023-33101 was published Apr 1, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201... High Unreviewed
CVE-2023-45204 was published Oct 10, 2023
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write... High Unreviewed
CVE-2023-21651 was published Aug 8, 2023
Memory corruption in Trusted Execution Environment while calling service API with invalid address. High Unreviewed
CVE-2023-21627 was published Aug 8, 2023
Memory corruption in Video while calling APIs with different instance ID than the one received in... High Unreviewed
CVE-2023-21638 was published Jul 4, 2023
Memory corruption in Audio due to incorrect type cast during audio use-cases. High Unreviewed
CVE-2022-33240 was published Jun 6, 2023
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic... High Unreviewed
CVE-2023-28162 was published Jun 2, 2023
Memory corruption in Graphics while importing a file. High Unreviewed
CVE-2023-21665 was published May 2, 2023
Memory corruption due to incorrect type conversion or cast in audio while using audio playback... High Unreviewed
CVE-2022-33301 was published Apr 13, 2023
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of... Critical Unreviewed
CVE-2022-43663 was published Mar 20, 2023
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID... High Unreviewed
CVE-2022-40531 was published Mar 10, 2023
Memory corruption in display driver due to incorrect type casting while accessing the fence... High Unreviewed
CVE-2022-25715 was published Jan 9, 2023
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue... Critical Unreviewed
CVE-2022-3979 was published Nov 14, 2022
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local... High Unreviewed
CVE-2022-41668 was published Nov 4, 2022
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,... High Unreviewed
CVE-2020-10735 was published Sep 10, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon... High Unreviewed
CVE-2022-22102 was published Sep 3, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to... Moderate Unreviewed
CVE-2022-21786 was published Jul 7, 2022
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte... High Unreviewed
CVE-2022-32547 was published Jun 17, 2022
ProTip! Advisories are also available from the GraphQL API