GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
173 advisories
Filter by severity
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802...
High
Unreviewed
CVE-2023-43533
was published
Feb 6, 2024
Transient DOS in WLAN Firmware while parsing a BTM request.
High
Unreviewed
CVE-2023-33062
was published
Jan 2, 2024
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
High
Unreviewed
CVE-2023-33081
was published
Dec 5, 2023
Information disclosure in WLAN HAL while handling the WMI state info command.
Moderate
Unreviewed
CVE-2023-28566
was published
Nov 14, 2023
Transient DOS in WLAN Firmware while parsing rsn ies.
High
Unreviewed
CVE-2023-33027
was published
Oct 3, 2023
Transient DOS while parse fils IE with length equal to 1.
High
Unreviewed
CVE-2023-43536
was published
Feb 6, 2024
Transient DOS in WLAN Firmware while parsing FT Information Elements.
High
Unreviewed
CVE-2023-21660
was published
Jun 6, 2023
Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.
High
Unreviewed
CVE-2023-33116
was published
Jan 2, 2024
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
Moderate
Unreviewed
CVE-2022-33273
was published
May 2, 2023
Transient DOS in Audio when invoking callback function of ASM driver.
Moderate
Unreviewed
CVE-2023-33064
was published
Feb 6, 2024
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response...
High
Unreviewed
CVE-2023-33080
was published
Dec 5, 2023
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
High
Unreviewed
CVE-2023-33098
was published
Dec 5, 2023
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
Critical
Unreviewed
CVE-2023-22385
was published
Oct 3, 2023
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming...
Moderate
Unreviewed
CVE-2023-28571
was published
Oct 3, 2023
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
Moderate
Unreviewed
CVE-2023-28554
was published
Nov 14, 2023
Information disclosure in Automotive multimedia due to buffer over-read.
Moderate
Unreviewed
CVE-2022-33220
was published
Sep 5, 2023
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented...
High
Unreviewed
CVE-2022-33287
was published
Apr 13, 2023
Transient DOS in WLAN Firmware while processing frames with missing header fields.
High
Unreviewed
CVE-2023-21659
was published
Jun 6, 2023
Information disclosure in modem due to improper input validation during parsing of upcoming CoAP...
High
Unreviewed
CVE-2022-25747
was published
Apr 13, 2023
Transient DOS while parsing WLAN beacon or probe-response frame.
High
Unreviewed
CVE-2023-21661
was published
Jun 6, 2023
Information disclosure in modem data due to array out of bound access while handling the incoming...
High
Unreviewed
CVE-2022-25726
was published
Apr 13, 2023
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with...
High
Unreviewed
CVE-2022-33306
was published
Feb 12, 2023
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
High
Unreviewed
CVE-2022-34145
was published
Feb 12, 2023
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
High
Unreviewed
CVE-2022-40535
was published
Mar 10, 2023
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
High
Unreviewed
CVE-2023-33112
was published
Jan 2, 2024
ProTip!
Advisories are also available from the
GraphQL API