GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
Information disclosure in Video while parsing mp2 clip with invalid section length.
High
Unreviewed
CVE-2023-43555
was published
Jun 3, 2024
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
High
Unreviewed
CVE-2024-23363
was published
Jun 3, 2024
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.
High
Unreviewed
CVE-2024-21477
was published
May 6, 2024
Windows USB Print Driver Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-26243
was published
Apr 9, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's...
High
Unreviewed
CVE-2024-31080
was published
Apr 4, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's...
High
Unreviewed
CVE-2024-31081
was published
Apr 4, 2024
A heap-based buffer over-read vulnerability was found in the X.org server's...
High
Unreviewed
CVE-2024-31082
was published
Apr 4, 2024
Memory corruption while processing buffer initialization, when trusted report for certain report...
High
Unreviewed
CVE-2023-33115
was published
Apr 1, 2024
StringIO buffer overread vulnerability
High
CVE-2024-27280
was published
for
stringio
(RubyGems)
Mar 25, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-26176
was published
Mar 12, 2024
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol...
High
Unreviewed
CVE-2023-43539
was published
Mar 4, 2024
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote...
High
Unreviewed
CVE-2024-20290
was published
Feb 7, 2024
Transient DOS while parse fils IE with length equal to 1.
High
Unreviewed
CVE-2023-43536
was published
Feb 6, 2024
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802...
High
Unreviewed
CVE-2023-43533
was published
Feb 6, 2024
Transient DOS in Core when DDR memory check is called while DDR is not initialized.
High
Unreviewed
CVE-2023-33060
was published
Feb 6, 2024
Information disclosure in Modem while processing SIB5.
High
Unreviewed
CVE-2023-33058
was published
Feb 6, 2024
Transient DOS while parsing GATT service data when the total amount of memory that is required by...
High
Unreviewed
CVE-2023-43512
was published
Jan 2, 2024
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
High
Unreviewed
CVE-2023-33112
was published
Jan 2, 2024
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.
High
Unreviewed
CVE-2023-33116
was published
Jan 2, 2024
Transient DOS in Data Modem during DTLS handshake.
High
Unreviewed
CVE-2023-33040
was published
Jan 2, 2024
Transient DOS in WLAN Firmware while parsing a BTM request.
High
Unreviewed
CVE-2023-33062
was published
Jan 2, 2024
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response...
High
Unreviewed
CVE-2023-33080
was published
Dec 5, 2023
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
High
Unreviewed
CVE-2023-33081
was published
Dec 5, 2023
Transient DOS in WLAN Firmware while processing a FTMR frame.
High
Unreviewed
CVE-2023-33097
was published
Dec 5, 2023
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
High
Unreviewed
CVE-2023-33098
was published
Dec 5, 2023
ProTip!
Advisories are also available from the
GraphQL API