Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

223 advisories

Loading
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2024-35303 was published Jun 11, 2024
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. Moderate Unreviewed
CVE-2024-21478 was published Jun 3, 2024
Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution... Unknown Unreviewed
CVE-2024-5436 was published May 31, 2024
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed
CVE-2024-28130 was published Apr 23, 2024
Transient DOS while processing DL NAS TRANSPORT message with payload length 0. High Unreviewed
CVE-2023-33101 was published Apr 1, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201... High Unreviewed
CVE-2023-45204 was published Oct 10, 2023
Weaviate denial of service vulnerability High
CVE-2023-38976 was published for github.com/weaviate/weaviate (Go) Aug 22, 2023
360AIVul
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write... High Unreviewed
CVE-2023-21651 was published Aug 8, 2023
Memory corruption in Trusted Execution Environment while calling service API with invalid address. High Unreviewed
CVE-2023-21627 was published Aug 8, 2023
Memory corruption in Video while calling APIs with different instance ID than the one received in... High Unreviewed
CVE-2023-21638 was published Jul 4, 2023
Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder High
CVE-2022-1642 was published for github.com/apple/swift-corelibs-foundation (Swift) Jun 7, 2023
weissi gliush
Memory corruption in Audio due to incorrect type cast during audio use-cases. High Unreviewed
CVE-2022-33240 was published Jun 6, 2023
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic... High Unreviewed
CVE-2023-28162 was published Jun 2, 2023
Memory corruption in Graphics while importing a file. High Unreviewed
CVE-2023-21665 was published May 2, 2023
Memory corruption due to incorrect type conversion or cast in audio while using audio playback... High Unreviewed
CVE-2022-33301 was published Apr 13, 2023
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of... Critical Unreviewed
CVE-2022-43663 was published Mar 20, 2023
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID... High Unreviewed
CVE-2022-40531 was published Mar 10, 2023
Memory corruption in display driver due to incorrect type casting while accessing the fence... High Unreviewed
CVE-2022-25715 was published Jan 9, 2023
Invalid char to bool conversion when printing a tensor Moderate
CVE-2022-41911 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail in `BCast` overflow Moderate
CVE-2022-41890 was published for tensorflow (pip) Nov 21, 2022
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue... Critical Unreviewed
CVE-2022-3979 was published Nov 14, 2022
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local... High Unreviewed
CVE-2022-41668 was published Nov 4, 2022
com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution High
CVE-2022-41828 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Oct 12, 2022
AWS Redshift JDBC Driver fails to validate class type during object instantiation High
GHSA-5c6q-f783-h888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Sep 30, 2022
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,... High Unreviewed
CVE-2020-10735 was published Sep 10, 2022
ProTip! Advisories are also available from the GraphQL API