Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,506
Maven
5,000+
npm
4,149
NuGet
736
pip
3,949
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

388 advisories

Loading
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed
CVE-2021-21218 was published May 24, 2022
In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data... Moderate Unreviewed
CVE-2021-0463 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to... High Unreviewed
CVE-2021-21190 was published May 24, 2022
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted... Moderate Unreviewed
CVE-2020-35494 was published May 24, 2022
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.... Low Unreviewed
CVE-2020-29371 was published May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed
CVE-2020-16985 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16932 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16931 was published May 24, 2022
In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to... Moderate Unreviewed
CVE-2020-0411 was published May 24, 2022
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user... Moderate Unreviewed
CVE-2020-17482 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14704 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14703 was published May 24, 2022
An information disclosure vulnerability exists when Microsoft Office software reads out of bound... Moderate Unreviewed
CVE-2020-1342 was published May 24, 2022
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before... Low Unreviewed
CVE-2020-3964 was published May 24, 2022
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to... Low Unreviewed
CVE-2020-12864 was published May 24, 2022
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows... Low Unreviewed
CVE-2020-10732 was published May 24, 2022
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote... Moderate Unreviewed
CVE-2020-13113 was published May 24, 2022
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim... Moderate Unreviewed
CVE-2020-10933 was published May 24, 2022
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to... Moderate Unreviewed
CVE-2020-6444 was published May 24, 2022
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2.... Low Unreviewed
CVE-2020-11494 was published May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying... High Unreviewed
CVE-2020-1934 was published May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a... Moderate Unreviewed
CVE-2020-6793 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote... Moderate Unreviewed
CVE-2020-6398 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database