GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
180 advisories
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products...
Moderate | Unreviewed | CVE-2023-43572 was published Nov 9, 2023

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop...
Moderate | Unreviewed | CVE-2023-43568 was published Nov 9, 2023

A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo...
Moderate | Unreviewed | CVE-2023-43574 was published Nov 9, 2023

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...
High | Unreviewed | CVE-2023-24848 was published Oct 3, 2023

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
High | Unreviewed | CVE-2023-24849 was published Oct 3, 2023

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Critical | Unreviewed | CVE-2023-22385 was published Oct 3, 2023

Transient DOS in WLAN Firmware while parsing a NAN management frame.
High | Unreviewed | CVE-2023-33026 was published Oct 3, 2023

Transient DOS in WLAN Firmware while parsing rsn ies.
High | Unreviewed | CVE-2023-33027 was published Oct 3, 2023

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
Moderate | Unreviewed | CVE-2023-28571 was published Oct 3, 2023

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
High | Unreviewed | CVE-2023-33015 was published Sep 5, 2023

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
High | Unreviewed | CVE-2023-33016 was published Sep 5, 2023

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
High | Unreviewed | CVE-2022-40524 was published Sep 5, 2023

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
Moderate | Unreviewed | CVE-2023-21667 was published Sep 5, 2023

Information disclosure in Automotive multimedia due to buffer over-read.
Moderate | Unreviewed | CVE-2022-33220 was published Sep 5, 2023

Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
Moderate | Unreviewed | CVE-2023-4758 was published Sep 4, 2023

Transient DOS in Audio while remapping channel buffer in media codec decoding.
High | Unreviewed | CVE-2023-28555 was published Aug 8, 2023

Information disclosure in Network Services due to buffer over-read while the device receives DNS...
High | Unreviewed | CVE-2023-21625 was published Aug 8, 2023

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection...
Moderate | Unreviewed | CVE-2023-3649 was published Jul 14, 2023

An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3...
High | Unreviewed | CVE-2023-23571 was published Jul 6, 2023

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
High | Unreviewed | CVE-2023-28541 was published Jul 4, 2023

Memory Corruption in WLAN HOST while fetching TX status information.
High | Unreviewed | CVE-2023-28542 was published Jul 4, 2023

Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source...
High | Unreviewed | CVE-2023-21669 was published Jun 6, 2023

Transient DOS in WLAN Firmware while processing frames with missing header fields.
High | Unreviewed | CVE-2023-21659 was published Jun 6, 2023

Transient DOS in WLAN Firmware while parsing FT Information Elements.
High | Unreviewed | CVE-2023-21660 was published Jun 6, 2023

Transient DOS while parsing WLAN beacon or probe-response frame.
High | Unreviewed | CVE-2023-21661 was published Jun 6, 2023

ProTip! Advisories are also available from the GraphQL API.