Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,330
Erlang
31
GitHub Actions
21
Go
2,091
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in... Moderate Unreviewed
CVE-2018-16872 was published May 13, 2022
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI... High Unreviewed
CVE-2022-33984 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the software SMI handler used by... Moderate Unreviewed
CVE-2022-33907 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI... Moderate Unreviewed
CVE-2022-33906 was published Nov 15, 2022
Update description and links DMA transactions which are targeted at input buffers used for the... Moderate Unreviewed
CVE-2022-31243 was published Nov 15, 2022
DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after... Moderate Unreviewed
CVE-2022-30774 was published Nov 15, 2022
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS... High Unreviewed
CVE-2022-27538 was published Feb 1, 2023
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-34398 was published Feb 1, 2023
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead... Moderate Unreviewed
CVE-2022-33982 was published Nov 15, 2022
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32476 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32470 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32475 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32477 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32469 was published Feb 15, 2023
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP... High Unreviewed
CVE-2022-43779 was published Feb 12, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32954 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32953 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32955 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32474 was published Feb 15, 2023
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe... High Unreviewed
CVE-2022-32471 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32473 was published Feb 15, 2023
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the... High Unreviewed
CVE-2022-32478 was published Feb 15, 2023
Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_all Low
GHSA-mc8h-8q98-g5hr was published for remove_dir_all (Rust) Feb 24, 2023
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client... Moderate Unreviewed
CVE-2020-13162 was published May 24, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-44670 was published Dec 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database