Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,626
Erlang
29
GitHub Actions
16
Go
1,698
Maven
4,936
npm
3,466
NuGet
601
pip
2,975
Pub
10
RubyGems
826
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Privilege escalation in mysql-connector-jav Moderate
CVE-2019-2692 was published for mysql:mysql-connector-java (Maven) Jul 1, 2020
Clarify `mediaType` handling Low
GHSA-77vh-xpmg-72qh was published for github.com/opencontainers/image-spec (Go) Nov 18, 2021
Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourls Critical
CVE-2019-14537 was published for yourls/yourls (Composer) Sep 23, 2019
Cross-site Scripting in bootstrap-table Low
CVE-2021-23472 was published for bootstrap-table (npm) Nov 8, 2021
Access of Resource Using Incompatible Type in Hermes Critical
CVE-2021-24044 was published for hermes-engine (npm) Jan 16, 2022
There is a vulnerability of accessing resources using an incompatible type (type confusion) in... High Unreviewed
CVE-2021-40061 was published Mar 11, 2022
Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to... High Unreviewed
CVE-2021-4056 was published Dec 24, 2021
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to... High Unreviewed
CVE-2021-4061 was published Dec 24, 2021
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to... High Unreviewed
CVE-2021-4078 was published Dec 24, 2021
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS... High Unreviewed
CVE-2022-22661 was published Mar 19, 2022
Type Confusion in ImpressCMS Critical
CVE-2021-26600 was published for impresscms/impresscms (Composer) Mar 29, 2022
Type Confusion in LiveHelperChat High
CVE-2022-1176 was published for remdex/livehelperchat (Composer) Apr 1, 2022
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker... High Unreviewed
CVE-2022-0795 was published Apr 6, 2022
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to... High Unreviewed
CVE-2022-0457 was published Apr 6, 2022
Prototype Pollution in json-pointer Moderate
CVE-2021-23820 was published for json-pointer (npm) Nov 8, 2021
G-Rath
Access of Resource Using Incompatible Type in Facebook Hermes Critical
CVE-2020-1911 was published for hermes-engine (npm) May 24, 2022
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may... High Unreviewed
CVE-2021-32965 was published May 25, 2022
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari... High Unreviewed
CVE-2020-9948 was published May 24, 2022
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to... High Unreviewed
CVE-2021-30551 was published May 24, 2022
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to... High Unreviewed
CVE-2022-2158 was published Jul 29, 2022
Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to... High Unreviewed
CVE-2022-1232 was published Jul 26, 2022
Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker... High Unreviewed
CVE-2022-1364 was published Jul 27, 2022
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012... High Unreviewed
CVE-2022-34221 was published Jul 16, 2022
Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to... Moderate Unreviewed
CVE-2022-1869 was published Jul 28, 2022
Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain... High Unreviewed
CVE-2022-1486 was published Jul 27, 2022
ProTip! Advisories are also available from the GraphQL API