Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write... High Unreviewed
CVE-2023-21651 was published Aug 8, 2023
Memory corruption in Graphics while importing a file. High Unreviewed
CVE-2023-21665 was published May 2, 2023
Transient DOS while processing DL NAS TRANSPORT message with payload length 0. High Unreviewed
CVE-2023-33101 was published Apr 1, 2024
Memory corruption in Trusted Execution Environment while calling service API with invalid address. High Unreviewed
CVE-2023-21627 was published Aug 8, 2023
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2024-35303 was published Jun 11, 2024
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed
CVE-2024-28130 was published Apr 23, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed
CVE-2024-39590 was published Sep 18, 2024
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed
CVE-2024-39589 was published Sep 18, 2024
Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation High
GHSA-5c6q-f783-h888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Sep 30, 2022 withdrawn
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of... High Unreviewed
CVE-2018-9339 was published Nov 19, 2024
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic... High Unreviewed
CVE-2023-28162 was published Jun 2, 2023
An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to... High Unreviewed
CVE-2023-25737 was published Jun 2, 2023
Memory corruption while processing IOCTL calls. High Unreviewed
CVE-2024-43058 was published Apr 7, 2025
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as... High Unreviewed
CVE-2016-5161 was published May 14, 2022
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue... High Unreviewed
CVE-2016-7617 was published May 17, 2022
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to... High Unreviewed
CVE-2016-8602 was published May 14, 2022
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which... High Unreviewed
CVE-2017-9042 was published May 17, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion... High Unreviewed
CVE-2017-3106 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14823 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14828 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14830 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14826 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14829 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14837 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-14835 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database