Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

348 advisories

Loading
Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker... High Unreviewed
CVE-2024-2887 was published Mar 26, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to... Unknown Unreviewed
CVE-2024-12692 was published Dec 19, 2024
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed
CVE-2018-9471 was published Nov 20, 2024
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena... Moderate Unreviewed
CVE-2019-13519 was published May 24, 2022
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed
CVE-2023-49602 was published Mar 4, 2024
A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS... Moderate Unreviewed
CVE-2024-54505 was published Dec 12, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to... High Unreviewed
CVE-2024-12381 was published Dec 12, 2024
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed
CVE-2024-54524 was published Dec 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49119 was published Dec 12, 2024
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to... High Unreviewed
CVE-2024-1938 was published Feb 29, 2024
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in... Moderate Unreviewed
CVE-2023-46842 was published May 16, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to... High Unreviewed
CVE-2024-12053 was published Dec 3, 2024
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit... High Unreviewed
CVE-2024-7971 was published Aug 21, 2024
In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from... Moderate Unreviewed
CVE-2024-34742 was published Aug 16, 2024
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of... High Unreviewed
CVE-2018-9339 was published Nov 19, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-11508 was published Nov 22, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-11507 was published Nov 22, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to... High Unreviewed
CVE-2024-11395 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return... High Unreviewed
CVE-2024-49860 was published Oct 21, 2024
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2024-20106 was published Nov 4, 2024
marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers to cause... Moderate Unreviewed
CVE-2023-50433 was published Apr 30, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot... Moderate Unreviewed
CVE-2024-7825 was published Oct 3, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot... Moderate Unreviewed
CVE-2024-7824 was published Oct 3, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to... High Unreviewed
CVE-2024-10230 was published Oct 23, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to... High Unreviewed
CVE-2024-10231 was published Oct 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database