Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

37 advisories

Loading
A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could... Critical Unreviewed
CVE-2023-25933 was published May 19, 2023
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions.... Critical Unreviewed
CVE-2022-48511 was published Jul 6, 2023
coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not block multiple Content... Critical Unreviewed
CVE-2023-38199 was published Jul 13, 2023
In multiple locations, there is a possible code execution due to type confusion. This could lead... Critical Unreviewed
CVE-2023-21287 was published Aug 15, 2023
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in ... Critical Unreviewed
CVE-2023-43154 was published Sep 27, 2023
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. Critical Unreviewed
CVE-2023-26063 was published Apr 10, 2023
Prototype Pollution in immer Critical
CVE-2021-23436 was published for immer (npm) Sep 2, 2021
levpachmanov
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x... Critical Unreviewed
CVE-2023-42464 was published Sep 20, 2023
In venc, there is a possible out of bounds write due to type confusion. This could lead to local... Critical Unreviewed
CVE-2024-20078 was published Jul 1, 2024
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an... Critical Unreviewed
CVE-2024-8385 was published Sep 3, 2024
A potentially exploitable type confusion could be triggered when looking up a property name on an... Critical Unreviewed
CVE-2024-8381 was published Sep 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database