GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of...
High
Unreviewed
CVE-2018-9339
was published
Nov 19, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High
Unreviewed
CVE-2024-39590
was published
Sep 18, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High
Unreviewed
CVE-2024-39589
was published
Sep 18, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302...
High
Unreviewed
CVE-2024-35303
was published
Jun 11, 2024
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage...
High
Unreviewed
CVE-2024-28130
was published
Apr 23, 2024
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
High
Unreviewed
CVE-2023-33101
was published
Apr 1, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201...
High
Unreviewed
CVE-2023-45204
was published
Oct 10, 2023
Weaviate denial of service vulnerability
High
CVE-2023-38976
was published
for
github.com/weaviate/weaviate
(Go)
Aug 22, 2023
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write...
High
Unreviewed
CVE-2023-21651
was published
Aug 8, 2023
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
High
Unreviewed
CVE-2023-21627
was published
Aug 8, 2023
Memory corruption in Video while calling APIs with different instance ID than the one received in...
High
Unreviewed
CVE-2023-21638
was published
Jul 4, 2023
Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder
High
CVE-2022-1642
was published
for
github.com/apple/swift-corelibs-foundation
(Swift)
Jun 7, 2023
Memory corruption in Audio due to incorrect type cast during audio use-cases.
High
Unreviewed
CVE-2022-33240
was published
Jun 6, 2023
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic...
High
Unreviewed
CVE-2023-28162
was published
Jun 2, 2023
Memory corruption in Graphics while importing a file.
High
Unreviewed
CVE-2023-21665
was published
May 2, 2023
Memory corruption due to incorrect type conversion or cast in audio while using audio playback...
High
Unreviewed
CVE-2022-33301
was published
Apr 13, 2023
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID...
High
Unreviewed
CVE-2022-40531
was published
Mar 10, 2023
Memory corruption in display driver due to incorrect type casting while accessing the fence...
High
Unreviewed
CVE-2022-25715
was published
Jan 9, 2023
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local...
High
Unreviewed
CVE-2022-41668
was published
Nov 4, 2022
com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution
High
CVE-2022-41828
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
Oct 12, 2022
Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation
High
GHSA-5c6q-f783-h888
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
Sep 30, 2022
•
withdrawn
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,...
High
Unreviewed
CVE-2020-10735
was published
Sep 10, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon...
High
Unreviewed
CVE-2022-22102
was published
Sep 3, 2022
pg-native and libpq vulnerable to uncontrolled resource consumption
High
CVE-2022-25852
was published
for
libpq
(npm)
Jun 18, 2022
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte...
High
Unreviewed
CVE-2022-32547
was published
Jun 17, 2022
ProTip!
Advisories are also available from the
GraphQL API