Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

316 advisories

Loading
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32474 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32955 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32953 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32476 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32470 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32473 was published Feb 15, 2023
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP... High Unreviewed
CVE-2022-43779 was published Feb 12, 2023
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS... High Unreviewed
CVE-2022-27538 was published Feb 1, 2023
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-34398 was published Feb 1, 2023
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user... High Unreviewed
CVE-2022-48191 was published Jan 20, 2023
An Allocation of Resources Without Limits or Throttling weakness in the memory management of the... Moderate Unreviewed
CVE-2023-22397 was published Jan 13, 2023
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially... Moderate Unreviewed
CVE-2023-20523 was published Jan 11, 2023
A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a... Moderate Unreviewed
CVE-2021-46795 was published Jan 11, 2023
Memory corruption in Multimedia Framework due to unsafe access to the data members High Unreviewed
CVE-2022-25716 was published Jan 9, 2023
In isp, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-32638 was published Jan 3, 2023
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused... High Unreviewed
CVE-2022-22753 was published Dec 22, 2022
When installing an add-on, Firefox verified the signature before prompting the user; but while... High Unreviewed
CVE-2022-26387 was published Dec 22, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-44670 was published Dec 13, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2022-44651 was published Dec 12, 2022
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022... High Unreviewed
CVE-2022-39908 was published Dec 8, 2022
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to... Low Unreviewed
CVE-2022-45842 was published Nov 30, 2022
An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged... High Unreviewed
CVE-2022-34830 was published Nov 23, 2022
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB... High Unreviewed
CVE-2022-30283 was published Nov 16, 2022
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe... Moderate Unreviewed
CVE-2022-32266 was published Nov 15, 2022
DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after... Moderate Unreviewed
CVE-2022-30773 was published Nov 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database