GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
278 advisories
Filter by severity
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB...
High
Unreviewed
CVE-2022-30283
was published
Nov 16, 2022
DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe...
High
Unreviewed
CVE-2022-34325
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after...
Moderate
Unreviewed
CVE-2022-30773
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe...
Moderate
Unreviewed
CVE-2022-32266
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead...
Moderate
Unreviewed
CVE-2022-33982
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the software SMI handler used by...
Moderate
Unreviewed
CVE-2022-33907
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI...
High
Unreviewed
CVE-2022-33985
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler...
High
Unreviewed
CVE-2022-33905
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the HddPassword software SMI...
High
Unreviewed
CVE-2022-33909
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software...
Moderate
Unreviewed
CVE-2022-32267
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could...
Moderate
Unreviewed
CVE-2022-33986
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI...
High
Unreviewed
CVE-2022-33983
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI...
High
Unreviewed
CVE-2022-33908
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after...
Moderate
Unreviewed
CVE-2022-30774
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI...
High
Unreviewed
CVE-2022-33984
was published
Nov 15, 2022
Update description and links DMA transactions which are targeted at input buffers used for the...
Moderate
Unreviewed
CVE-2022-31243
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI...
Moderate
Unreviewed
CVE-2022-33906
was published
Nov 15, 2022
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may...
Moderate
Unreviewed
CVE-2022-21198
was published
Nov 11, 2022
In jpeg, there is a possible use after free due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32608
was published
Nov 9, 2022
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in...
High
Unreviewed
CVE-2022-33214
was published
Oct 19, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ...
Moderate
Unreviewed
CVE-2022-22225
was published
Oct 18, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd...
Moderate
Unreviewed
CVE-2022-22220
was published
Oct 18, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection...
High
Unreviewed
CVE-2022-41744
was published
Oct 11, 2022
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd...
Moderate
Unreviewed
CVE-2022-29800
was published
Sep 22, 2022
Memory corruption in display due to time-of-check time-of-use race condition during map or unmap...
High
Unreviewed
CVE-2022-25696
was published
Sep 17, 2022
ProTip!
Advisories are also available from the
GraphQL API