Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

68 advisories

Loading
Information Disclosure while invoking the mailbox write API when message received from user is... Moderate Unreviewed
CVE-2024-23366 was published Jan 6, 2025
Information disclosure while processing IOCTL call made for releasing a trusted VM process... Moderate Unreviewed
CVE-2024-33061 was published Jan 6, 2025
Information disclosure while invoking callback function of sound model driver from ADSP for every... Moderate Unreviewed
CVE-2024-33067 was published Jan 6, 2025
information disclosure while invoking the mailbox read API. Moderate Unreviewed
CVE-2024-43063 was published Jan 6, 2025
Transient DOS while processing channel information for speaker protection v2 module in ADSP. Moderate Unreviewed
CVE-2023-33090 was published Mar 4, 2024
Information Disclosure while processing IOCTL request in FastRPC. Moderate Unreviewed
CVE-2023-33078 was published Mar 4, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-26255 was published Apr 9, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-28901 was published Apr 9, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-28900 was published Apr 9, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-28902 was published Apr 9, 2024
Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. Moderate Unreviewed
CVE-2024-45559 was published Jan 6, 2025
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-36803 was published Sep 12, 2023
Transient DOS while handling PS event when Program Service name length offset value is set to 255. Moderate Unreviewed
CVE-2024-33043 was published Sep 2, 2024
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver... Moderate Unreviewed
CVE-2024-33037 was published Dec 2, 2024
Information disclosure while handling beacon probe frame during scan entry generation in client... Moderate Unreviewed
CVE-2024-21467 was published Aug 5, 2024
Information disclosure while handling beacon or probe response frame in STA. Moderate Unreviewed
CVE-2024-21459 was published Aug 5, 2024
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated... Moderate Unreviewed
CVE-2024-9843 was published Nov 12, 2024
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-43595 was published Oct 18, 2024
Windows Resilient File System (ReFS) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-43500 was published Oct 8, 2024
Information Disclosure while parsing beacon frame in STA. Moderate Unreviewed
CVE-2024-21456 was published Jul 1, 2024
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might... Moderate Unreviewed
CVE-2024-7347 was published Aug 14, 2024
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is... Moderate Unreviewed
CVE-2023-45919 was published Mar 27, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30071 was published Jul 9, 2024
INformation disclosure while handling Multi-link IE in beacon frame. Moderate Unreviewed
CVE-2024-21457 was published Jul 1, 2024
Information disclosure while handling SA query action frame. Moderate Unreviewed
CVE-2024-21458 was published Jul 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database