GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
382 advisories
Nokogiri implementation of libxslt vulnerable to heap corruption
High • CVE-2019-5815 was published for nokogiri (RubyGems) • May 24, 2022

In the code that verifies the file size in the ark library, it is possible to manipulate the...
High • Unreviewed • CVE-2021-26635 was published • Jun 3, 2022

Wrong type for `Linker`-define functions when used across two `Engine`s
Moderate • CVE-2021-39219 was published for wasmtime (Rust) • Sep 20, 2021

Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to...
High • Unreviewed • CVE-2022-1134 was published • Jul 24, 2022

Windows Defender Credential Guard Security Feature Bypass Vulnerability.
Moderate • Unreviewed • CVE-2022-34709 was published • Aug 10, 2022

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari...
High • Unreviewed • CVE-2022-42856 was published • Dec 15, 2022

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS...
High • Unreviewed • CVE-2022-42823 was published • Nov 2, 2022

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to...
High • Unreviewed • CVE-2022-3723 was published • Nov 2, 2022

Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in funcnamefromcode function in ldebug...
Moderate • Unreviewed • CVE-2021-44647 was published • Jan 12, 2022

A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0...
Moderate • Unreviewed • CVE-2023-1076 was published • Mar 27, 2023

Nokogiri Improperly Handles Unexpected Data Type
High • CVE-2022-29181 was published for nokogiri (RubyGems) • May 23, 2022

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause...
Moderate • Unreviewed • CVE-2023-23455 was published • Jan 12, 2023

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a...
Moderate • Unreviewed • CVE-2023-23454 was published • Jan 12, 2023

Duplicate advisory: Sequelize - Unsafe fall-through in getWhereConditions
High • GHSA-r3vq-92c6-3mqf was published for @sequelize/core (npm) • Feb 16, 2023 • withdrawn

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type...
Moderate • Unreviewed • CVE-2023-21056 was published • Mar 24, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High • Unreviewed • CVE-2022-37377 was published • Mar 29, 2023

A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness...
Low • Unreviewed • CVE-2023-1075 was published • Mar 27, 2023

Ambiguous OCI manifest parsing
Low • GHSA-5j5w-g665-5m35 was published for github.com/containerd/containerd (Go) • Nov 18, 2021

The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7...
Moderate • Unreviewed • CVE-2023-0083 was published • Mar 10, 2023

Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to...
High • Unreviewed • CVE-2023-1214 was published • Mar 8, 2023

Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to...
High • Unreviewed • CVE-2023-1215 was published • Mar 8, 2023

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who...
Moderate • Unreviewed • CVE-2023-1235 was published • Mar 8, 2023

libxslt Type Confusion vulnerability that affects Nokogiri
High • CVE-2019-13118 was published for nokogiri (RubyGems) • May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High • Unreviewed • CVE-2019-13330 was published • May 24, 2022