GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,847

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

286 advisories

Filter by severity

Sort by

Least recently updated

In isp, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed

CVE-2022-32638 was published Jan 3, 2023

A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused... High Unreviewed

CVE-2022-22753 was published Dec 22, 2022

When installing an add-on, Firefox verified the signature before prompting the user; but while... High Unreviewed

CVE-2022-26387 was published Dec 22, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed

CVE-2022-44670 was published Dec 13, 2022

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed

CVE-2022-44651 was published Dec 12, 2022

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022... High Unreviewed

CVE-2022-39908 was published Dec 8, 2022

Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to... Low Unreviewed

CVE-2022-45842 was published Nov 30, 2022

An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged... High Unreviewed

CVE-2022-34830 was published Nov 23, 2022

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB... High Unreviewed

CVE-2022-30283 was published Nov 16, 2022

DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe... High Unreviewed

CVE-2022-34325 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30773 was published Nov 15, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe... Moderate Unreviewed

CVE-2022-32266 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by... Moderate Unreviewed

CVE-2022-33907 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead... Moderate Unreviewed

CVE-2022-33982 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI... High Unreviewed

CVE-2022-33985 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software... Moderate Unreviewed

CVE-2022-32267 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler... High Unreviewed

CVE-2022-33905 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the HddPassword software SMI... High Unreviewed

CVE-2022-33909 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could... Moderate Unreviewed

CVE-2022-33986 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI... High Unreviewed

CVE-2022-33983 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI... High Unreviewed

CVE-2022-33908 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI... Moderate Unreviewed

CVE-2022-33906 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI... High Unreviewed

CVE-2022-33984 was published Nov 15, 2022

Update description and links DMA transactions which are targeted at input buffers used for the... Moderate Unreviewed

CVE-2022-31243 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30774 was published Nov 15, 2022

Previous 1 2 … 5 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

286 advisories