GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
393 advisories
Filter by severity
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to...
High
Unreviewed
CVE-2024-12053
was published
Dec 3, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-11508
was published
Nov 22, 2024
IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-11507
was published
Nov 22, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to...
High
Unreviewed
CVE-2024-11395
was published
Nov 19, 2024
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of...
High
Unreviewed
CVE-2018-9339
was published
Nov 19, 2024
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability
Critical
GHSA-8rxm-6783-qh55
was published
for
System.Formats.Nrbf
(NuGet)
Nov 12, 2024
•
withdrawn
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate
Unreviewed
CVE-2024-20106
was published
Nov 4, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to...
High
Unreviewed
CVE-2024-10231
was published
Oct 23, 2024
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to...
High
Unreviewed
CVE-2024-10230
was published
Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
ACPI: sysfs: validate return...
High
Unreviewed
CVE-2024-49860
was published
Oct 21, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43596
was published
Oct 18, 2024
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker...
High
Unreviewed
CVE-2024-9859
was published
Oct 11, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9603
was published
Oct 9, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9602
was published
Oct 9, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7824
was published
Oct 3, 2024
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot...
Moderate
Unreviewed
CVE-2024-7825
was published
Oct 3, 2024
Jenkins item creation restriction bypass vulnerability
Moderate
CVE-2024-47804
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Oct 2, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform...
High
Unreviewed
CVE-2024-9122
was published
Sep 25, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-43489
was published
Sep 19, 2024
Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to...
High
Unreviewed
CVE-2024-8904
was published
Sep 17, 2024
Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are...
High
Unreviewed
CVE-2024-45112
was published
Sep 13, 2024
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to...
High
Unreviewed
CVE-2024-8638
was published
Sep 11, 2024
Issue summary: Applications performing certificate name checks (e.g., TLS
clients checking server...
High
Unreviewed
CVE-2024-6119
was published
Sep 3, 2024
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an...
Critical
Unreviewed
CVE-2024-8385
was published
Sep 3, 2024
A potentially exploitable type confusion could be triggered when looking up a property name on an...
Critical
Unreviewed
CVE-2024-8381
was published
Sep 3, 2024
ProTip!
Advisories are also available from the
GraphQL API