GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
libxmljs2 vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34394
was published
for
libxmljs2
(npm)
May 2, 2024
libxmljs2 type confusion vulnerability when parsing specially crafted XML
Critical
CVE-2024-34393
was published
for
libxmljs2
(npm)
May 2, 2024
libxmljs vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34391
was published
for
libxmljs
(npm)
May 2, 2024
libxmljs vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34392
was published
for
libxmljs
(npm)
May 2, 2024
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability
Critical
GHSA-8rxm-6783-qh55
was published
for
System.Formats.Nrbf
(NuGet)
Nov 12, 2024
•
withdrawn
Type confusion if __private_get_type_id__ is overriden
Critical
CVE-2020-25575
was published
for
failure
(Rust)
Jun 16, 2022
Rust Failure Crate Vulnerable to Type confusion
Critical
CVE-2019-25010
was published
for
failure
(Rust)
Aug 25, 2021
Unsafe fall-through in getWhereConditions
Critical
CVE-2023-22579
was published
for
@sequelize/core
(npm)
Feb 23, 2023
Firebase PHP-JWT key/algorithm type confusion
Critical
CVE-2021-46743
was published
for
firebase/php-jwt
(Composer)
Mar 30, 2022
Access of Resource Using Incompatible Type in Facebook Hermes
Critical
CVE-2020-1911
was published
for
hermes-engine
(npm)
May 24, 2022
Type Confusion in ImpressCMS
Critical
CVE-2021-26600
was published
for
impresscms/impresscms
(Composer)
Mar 29, 2022
Access of Resource Using Incompatible Type in Hermes
Critical
CVE-2021-24044
was published
for
hermes-engine
(npm)
Jan 16, 2022
Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourls
Critical
CVE-2019-14537
was published
for
yourls/yourls
(Composer)
Sep 23, 2019
ProTip!
Advisories are also available from the
GraphQL API