GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,690
Maven: 5,000+
npm: 4,320
NuGet: 760
pip: 4,096
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
222 advisories

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had...
High, Unreviewed, CVE-2025-13720 was published Dec 2, 2025

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an...
High, Unreviewed, CVE-2018-12386 was published May 14, 2022

In the Linux kernel, the following vulnerability has been resolved: perf/dwc_pcie: fix duplicate...
Moderate, Unreviewed, CVE-2025-37746 was published May 1, 2025

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High, Unreviewed, CVE-2024-39589 was published Sep 18, 2024

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP...
High, Unreviewed, CVE-2024-39590 was published Sep 18, 2024

An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage...
High, Unreviewed, CVE-2024-28130 was published Apr 23, 2024

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,...
High, Unreviewed, CVE-2020-10735 was published Sep 10, 2022

In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing...
Moderate, Unreviewed, CVE-2025-22044 was published Apr 16, 2025

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue...
Critical, Unreviewed, CVE-2022-3979 was published Nov 14, 2022

A type confusion vulnerability exists in the handling of the string addition (+) operation within...
High, Unreviewed, CVE-2025-62494 was published Oct 16, 2025

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via ...
High, Unreviewed, CVE-2017-8291 was published May 14, 2022

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the...
High, Unreviewed, CVE-2017-0037 was published May 17, 2022

In the Linux kernel, the following vulnerability has been resolved: Revert "readahead: properly...
Moderate, Unreviewed, CVE-2024-57839 was published Jan 11, 2025

Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a...
Critical, Unreviewed, CVE-2010-20115 was published Aug 21, 2025

Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution...
High, Unreviewed, CVE-2024-5436 was published May 31, 2024

An unauthenticated remote attacker can bypass the login to the web application of the affected...
Critical, Unreviewed, CVE-2025-41648 was published Jul 1, 2025

An unauthorized remote attacker can bypass the authentication of the affected software package by...
Critical, Unreviewed, CVE-2025-41646 was published Jun 6, 2025

DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.
Low, Unreviewed, CVE-2023-35816 was published Apr 28, 2025

The HwNearbyMain module has an Exposure of Sensitive Information to an Unauthorized Actor...
High, Unreviewed, CVE-2021-39989 was published Jan 4, 2022

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type...
Moderate, Unreviewed, CVE-2022-49873 was published May 1, 2025

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High, Unreviewed, CVE-2017-16572 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High, Unreviewed, CVE-2017-14824 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High, Unreviewed, CVE-2017-14825 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High, Unreviewed, CVE-2017-14827 was published May 13, 2022

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged...
High, Unreviewed, CVE-2017-5717 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API