Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,071
Maven
5,000+
npm
3,744
NuGet
669
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

340 advisories

Loading
Memory corruption in WLAN handler while processing PhyID in Tx status handler. High Unreviewed
CVE-2023-28558 was published Sep 5, 2023
Memory corruption in WLAN HAL while parsing WMI command parameters. High Unreviewed
CVE-2023-28573 was published Sep 5, 2023
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. High Unreviewed
CVE-2023-28557 was published Sep 5, 2023
Memory corruption in WLAN HAL while handling command through WMI interfaces. High Unreviewed
CVE-2023-28567 was published Sep 5, 2023
Memory Corruption due to improper validation of array index in Linux while updating adn record. High Unreviewed
CVE-2023-21636 was published Sep 5, 2023
Memory corruption due to improper validation of array index in Audio. High Unreviewed
CVE-2022-40534 was published Sep 5, 2023
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum... High Unreviewed
CVE-2022-33275 was published Sep 5, 2023
Crash when processing crafted TIFF files Low
CVE-2023-36308 was published for github.com/disintegration/imaging (Go) Sep 5, 2023
Index out of bounds leading to crash Moderate
CVE-2023-36307 was published for simonwaldherr.de/go/zplgfa (Go) Sep 5, 2023
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. High Unreviewed
CVE-2023-21650 was published Aug 8, 2023
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact... High Unreviewed
CVE-2023-29458 was published Jul 13, 2023
An access violation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0... High Unreviewed
CVE-2023-31194 was published Jul 5, 2023
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local... High Unreviewed
CVE-2023-2570 was published Jun 14, 2023
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document... High Unreviewed
CVE-2023-0950 was published May 25, 2023
Memory corruption due to improper validation of array index in computer vision while testing EVA... High Unreviewed
CVE-2022-33281 was published May 2, 2023
A CWE-129: Improper validation of an array index vulnerability exists where a specially... Critical Unreviewed
CVE-2023-28004 was published Apr 19, 2023
A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a... High Unreviewed
CVE-2023-2008 was published Apr 14, 2023
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU... Moderate Unreviewed
CVE-2022-33289 was published Apr 13, 2023
Memory corruption due to improper validation of array index in User Identity Module when APN TLV... High Unreviewed
CVE-2022-33302 was published Apr 13, 2023
Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index. Critical Unreviewed
CVE-2023-26066 was published Apr 10, 2023
ADMesh improper array index validation High
CVE-2022-38072 was published for admesh (pip) Apr 3, 2023
A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and... High Unreviewed
CVE-2023-20080 was published Mar 23, 2023
Memory corruption due to improper validation of array index in Multi-mode call processor. Critical Unreviewed
CVE-2022-33256 was published Mar 10, 2023
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP... Critical Unreviewed
CVE-2022-40537 was published Mar 10, 2023
Memory corruption in Automotive Android OS due to improper validation of array index. High Unreviewed
CVE-2022-40539 was published Mar 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database