Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

140 advisories

Loading
Information disclosure in WLAN HAL while handling command through WMI interfaces. Moderate Unreviewed
CVE-2023-28569 was published Nov 14, 2023
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. High Unreviewed
CVE-2023-28572 was published Nov 14, 2023
Information disclosure in WLAN HAL while handling the WMI state info command. Moderate Unreviewed
CVE-2023-28566 was published Nov 14, 2023
Information disclosure in IOE Firmware while handling WMI command. Moderate Unreviewed
CVE-2023-28563 was published Nov 14, 2023
Information disclosure in WLAN HAL when reception status handler is called. Moderate Unreviewed
CVE-2023-28568 was published Nov 14, 2023
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Moderate Unreviewed
CVE-2023-28554 was published Nov 14, 2023
Information Disclosure in WLAN Host when processing WMI event command. Moderate Unreviewed
CVE-2023-28553 was published Nov 14, 2023
A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo... Moderate Unreviewed
CVE-2023-43574 was published Nov 9, 2023
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products... Moderate Unreviewed
CVE-2023-43572 was published Nov 9, 2023
A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop... Moderate Unreviewed
CVE-2023-43568 was published Nov 9, 2023
Transient DOS in WLAN Firmware while parsing rsn ies. High Unreviewed
CVE-2023-33027 was published Oct 3, 2023
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line... High Unreviewed
CVE-2023-24848 was published Oct 3, 2023
Information Disclosure in data Modem while parsing an FMTP line in an SDP message. High Unreviewed
CVE-2023-24849 was published Oct 3, 2023
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming... Moderate Unreviewed
CVE-2023-28571 was published Oct 3, 2023
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Critical Unreviewed
CVE-2023-22385 was published Oct 3, 2023
Transient DOS in WLAN Firmware while parsing a NAN management frame. High Unreviewed
CVE-2023-33026 was published Oct 3, 2023
Transient DOS in WLAN firmware while parsing MLO (multi-link operation). High Unreviewed
CVE-2023-33016 was published Sep 5, 2023
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. High Unreviewed
CVE-2023-33015 was published Sep 5, 2023
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Moderate Unreviewed
CVE-2023-21667 was published Sep 5, 2023
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service. High Unreviewed
CVE-2022-40524 was published Sep 5, 2023
Information disclosure in Automotive multimedia due to buffer over-read. Moderate Unreviewed
CVE-2022-33220 was published Sep 5, 2023
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. Moderate Unreviewed
CVE-2023-4758 was published Sep 4, 2023
Transient DOS in Audio while remapping channel buffer in media codec decoding. High Unreviewed
CVE-2023-28555 was published Aug 8, 2023
Information disclosure in Network Services due to buffer over-read while the device receives DNS... High Unreviewed
CVE-2023-21625 was published Aug 8, 2023
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection... Moderate Unreviewed
CVE-2023-3649 was published Jul 14, 2023
ProTip! Advisories are also available from the GraphQL API