Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

194 advisories

Loading
Memory corruption in Multimedia Framework due to unsafe access to the data members High Unreviewed
CVE-2022-25716 was published Jan 9, 2023
When installing an add-on, Firefox verified the signature before prompting the user; but while... High Unreviewed
CVE-2022-26387 was published Dec 22, 2022
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused... High Unreviewed
CVE-2022-22753 was published Dec 22, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-44670 was published Dec 13, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2022-44651 was published Dec 12, 2022
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022... High Unreviewed
CVE-2022-39908 was published Dec 8, 2022
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged... High Unreviewed
CVE-2022-34830 was published Nov 23, 2022
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB... High Unreviewed
CVE-2022-30283 was published Nov 16, 2022
DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe... High Unreviewed
CVE-2022-34325 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the HddPassword software SMI... High Unreviewed
CVE-2022-33909 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI... High Unreviewed
CVE-2022-33908 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI... High Unreviewed
CVE-2022-33984 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler... High Unreviewed
CVE-2022-33905 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI... High Unreviewed
CVE-2022-33983 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI... High Unreviewed
CVE-2022-33985 was published Nov 15, 2022
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in... High Unreviewed
CVE-2022-33214 was published Oct 19, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection... High Unreviewed
CVE-2022-41744 was published Oct 11, 2022
memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon... High Unreviewed
CVE-2022-22094 was published Sep 17, 2022
Memory corruption in display due to time-of-check time-of-use race condition during map or unmap... High Unreviewed
CVE-2022-25696 was published Sep 17, 2022
Memory corruption or temporary denial of service due to improper handling of concurrent... High Unreviewed
CVE-2022-22093 was published Sep 17, 2022
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this... High Unreviewed
CVE-2022-26859 was published Sep 7, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-34899 was published Jul 19, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34986 was published Jul 16, 2022
The Automox Agent installation package before 37 on macOS allows an unprivileged user to obtain... High Unreviewed
CVE-2022-27904 was published Jul 2, 2022
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a... High Unreviewed
CVE-2021-35082 was published Jun 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database