Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

221,313 advisories

Loading
Transient DOS in Data Modem during DTLS handshake. High Unreviewed
CVE-2023-33040 was published Jan 2, 2024
Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics... High Unreviewed
CVE-2023-33071 was published Dec 5, 2023
Memory corruption in HLOS while invoking IOCTL calls from user-space. High Unreviewed
CVE-2023-33022 was published Dec 5, 2023
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI... High Unreviewed
CVE-2023-28587 was published Dec 5, 2023
Memory corruption while loading an ELF segment in TEE Kernel. High Unreviewed
CVE-2023-28585 was published Dec 5, 2023
Memory corruption in MPP performance while accessing DSM watermark using external memory address. High Unreviewed
CVE-2023-28550 was published Dec 5, 2023
Memory Corruption in camera while installing a fd for a particular DMA buffer. Moderate Unreviewed
CVE-2023-22383 was published Dec 5, 2023
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. Moderate Unreviewed
CVE-2023-21634 was published Dec 5, 2023
Memory corruption in Audio when SSR event is triggered after music playback is stopped. High Unreviewed
CVE-2023-33074 was published Nov 14, 2023
Memory Corruption in Audio while invoking callback function in driver from ADSP. High Unreviewed
CVE-2023-33055 was published Nov 14, 2023
Transient DOS in WLAN Firmware while parsing t2lm buffers. High Unreviewed
CVE-2023-33048 was published Nov 14, 2023
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. High Unreviewed
CVE-2023-28572 was published Nov 14, 2023
Memory corruption while processing audio effects. High Unreviewed
CVE-2023-28570 was published Nov 14, 2023
Information disclosure in WLAN HAL while handling command through WMI interfaces. Moderate Unreviewed
CVE-2023-28569 was published Nov 14, 2023
Information disclosure in WLAN HAL when reception status handler is called. Moderate Unreviewed
CVE-2023-28568 was published Nov 14, 2023
Cryptographic issue in HLOS during key management. High Unreviewed
CVE-2023-28556 was published Nov 14, 2023
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Critical Unreviewed
CVE-2023-22388 was published Nov 14, 2023
Memory Corruption in Core during syscall for Sectools Fuse comparison feature. High Unreviewed
CVE-2023-21671 was published Nov 14, 2023
Memory corruption while parsing the ADSP response command. High Unreviewed
CVE-2023-33034 was published Oct 3, 2023
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line... High Unreviewed
CVE-2023-24848 was published Oct 3, 2023
Weak configuration in Automotive while VM is processing a listener request from TEE. High Unreviewed
CVE-2023-22382 was published Oct 3, 2023
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ). High Unreviewed
CVE-2023-22384 was published Oct 3, 2023
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA... High Unreviewed
CVE-2023-33020 was published Sep 5, 2023
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Critical Unreviewed
CVE-2023-28581 was published Sep 5, 2023
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. High Unreviewed
CVE-2023-33015 was published Sep 5, 2023
ProTip! Advisories are also available from the GraphQL API