GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
62 advisories
Filter by severity
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
Moderate
Unreviewed
CVE-2024-33043
was published
Sep 2, 2024
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver...
Moderate
Unreviewed
CVE-2024-33037
was published
Dec 2, 2024
Information disclosure while handling beacon probe frame during scan entry generation in client...
Moderate
Unreviewed
CVE-2024-21467
was published
Aug 5, 2024
Information disclosure while handling beacon or probe response frame in STA.
Moderate
Unreviewed
CVE-2024-21459
was published
Aug 5, 2024
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated...
Moderate
Unreviewed
CVE-2024-9843
was published
Nov 12, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43595
was published
Oct 18, 2024
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-43500
was published
Oct 8, 2024
Information Disclosure while parsing beacon frame in STA.
Moderate
Unreviewed
CVE-2024-21456
was published
Jul 1, 2024
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might...
Moderate
Unreviewed
CVE-2024-7347
was published
Aug 14, 2024
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is...
Moderate
Unreviewed
CVE-2023-45919
was published
Mar 27, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30071
was published
Jul 9, 2024
Information disclosure while handling SA query action frame.
Moderate
Unreviewed
CVE-2024-21458
was published
Jul 1, 2024
INformation disclosure while handling Multi-link IE in beacon frame.
Moderate
Unreviewed
CVE-2024-21457
was published
Jul 1, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30069
was published
Jun 11, 2024
Information disclosure while handling T2LM Action Frame in WLAN Host.
Moderate
Unreviewed
CVE-2023-43537
was published
Jun 3, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30039
was published
May 14, 2024
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream...
Moderate
Unreviewed
CVE-2023-43528
was published
May 6, 2024
Information disclosure while parsing dts header atom in Video.
Moderate
Unreviewed
CVE-2023-43527
was published
May 6, 2024
Information disclosure in WLAN HAL while handling the WMI state info command.
Moderate
Unreviewed
CVE-2023-28566
was published
Nov 14, 2023
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
Moderate
Unreviewed
CVE-2022-33273
was published
May 2, 2023
Transient DOS in Audio when invoking callback function of ASM driver.
Moderate
Unreviewed
CVE-2023-33064
was published
Feb 6, 2024
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
Moderate
Unreviewed
CVE-2023-28554
was published
Nov 14, 2023
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
Moderate
Unreviewed
CVE-2023-28571
was published
Oct 3, 2023
Information disclosure in Automotive multimedia due to buffer over-read.
Moderate
Unreviewed
CVE-2022-33220
was published
Sep 5, 2023
Information disclosure in Audio while accessing AVCS services from ADSP payload.
Moderate
Unreviewed
CVE-2023-33065
was published
Feb 6, 2024
ProTip!
Advisories are also available from the
GraphQL API