GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
403 advisories
Filter by severity
Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device`
Moderate
GHSA-3qx8-rv27-j6gp
was published
for
kvm-ioctls
(Rust)
Dec 23, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to...
Unknown
Unreviewed
CVE-2024-12692
was published
Dec 19, 2024
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15...
Moderate
Unreviewed
CVE-2024-54524
was published
Dec 12, 2024
A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS...
Moderate
Unreviewed
CVE-2024-54505
was published
Dec 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-49119
was published
Dec 12, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to...
High
Unreviewed
CVE-2024-12381
was published
Dec 12, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to...
High
Unreviewed
CVE-2024-12053
was published
Dec 3, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-11508
was published
Nov 22, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-11507
was published
Nov 22, 2024
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to...
Critical
Unreviewed
CVE-2018-9471
was published
Nov 20, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to...
High
Unreviewed
CVE-2024-11395
was published
Nov 19, 2024
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of...
High
Unreviewed
CVE-2018-9339
was published
Nov 19, 2024
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability
Critical
GHSA-8rxm-6783-qh55
was published
for
System.Formats.Nrbf
(NuGet)
Nov 12, 2024
•
withdrawn
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate
Unreviewed
CVE-2024-20106
was published
Nov 4, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to...
High
Unreviewed
CVE-2024-10230
was published
Oct 23, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to...
High
Unreviewed
CVE-2024-10231
was published
Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
ACPI: sysfs: validate return...
High
Unreviewed
CVE-2024-49860
was published
Oct 21, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43596
was published
Oct 18, 2024
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker...
High
Unreviewed
CVE-2024-9859
was published
Oct 11, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9603
was published
Oct 9, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9602
was published
Oct 9, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7825
was published
Oct 3, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7824
was published
Oct 3, 2024
Jenkins item creation restriction bypass vulnerability
Moderate
CVE-2024-47804
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Oct 2, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform...
High
Unreviewed
CVE-2024-9122
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API