Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

68 advisories

Loading
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-26255 was published Apr 9, 2024
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is... Moderate Unreviewed
CVE-2023-45919 was published Mar 27, 2024
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-26160 was published Mar 12, 2024
Information Disclosure while processing IOCTL request in FastRPC. Moderate Unreviewed
CVE-2023-33078 was published Mar 4, 2024
Transient DOS while processing channel information for speaker protection v2 module in ADSP. Moderate Unreviewed
CVE-2023-33090 was published Mar 4, 2024
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston... Moderate Unreviewed
CVE-2023-39540 was published Feb 20, 2024
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston... Moderate Unreviewed
CVE-2023-39541 was published Feb 20, 2024
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-21340 was published Feb 13, 2024
Information disclosure in Audio while accessing AVCS services from ADSP payload. Moderate Unreviewed
CVE-2023-33065 was published Feb 6, 2024
Transient DOS in Audio when invoking callback function of ASM driver. Moderate Unreviewed
CVE-2023-33064 was published Feb 6, 2024
Information disclosure in WLAN HAL while handling command through WMI interfaces. Moderate Unreviewed
CVE-2023-28569 was published Nov 14, 2023
Information disclosure in WLAN HAL while handling the WMI state info command. Moderate Unreviewed
CVE-2023-28566 was published Nov 14, 2023
Information disclosure in IOE Firmware while handling WMI command. Moderate Unreviewed
CVE-2023-28563 was published Nov 14, 2023
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. Moderate Unreviewed
CVE-2023-28554 was published Nov 14, 2023
Information disclosure in WLAN HAL when reception status handler is called. Moderate Unreviewed
CVE-2023-28568 was published Nov 14, 2023
Information Disclosure in WLAN Host when processing WMI event command. Moderate Unreviewed
CVE-2023-28553 was published Nov 14, 2023
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products... Moderate Unreviewed
CVE-2023-43572 was published Nov 9, 2023
A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo... Moderate Unreviewed
CVE-2023-43574 was published Nov 9, 2023
A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop... Moderate Unreviewed
CVE-2023-43568 was published Nov 9, 2023
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming... Moderate Unreviewed
CVE-2023-28571 was published Oct 3, 2023
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36803 was published Sep 12, 2023
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Moderate Unreviewed
CVE-2023-21667 was published Sep 5, 2023
Information disclosure in Automotive multimedia due to buffer over-read. Moderate Unreviewed
CVE-2022-33220 was published Sep 5, 2023
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. Moderate Unreviewed
CVE-2023-4758 was published Sep 4, 2023
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection... Moderate Unreviewed
CVE-2023-3649 was published Jul 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database