GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
387 advisories
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to...
Low | Unreviewed | CVE-2020-0007 was published May 24, 2022
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB...
Low | Unreviewed | CVE-2019-19947 was published May 24, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2019-13751 was published May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB...
Low | Unreviewed | CVE-2019-19535 was published May 24, 2022
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in...
Low | Unreviewed | CVE-2019-18786 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error...
Moderate | Unreviewed | CVE-2019-18603 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability...
High | Unreviewed | CVE-2019-18602 was published May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles...
High | Unreviewed | CVE-2019-5067 was published May 24, 2022
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03...
High | Unreviewed | CVE-2019-13220 was published May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate | Unreviewed | CVE-2019-1010317 was published May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate | Unreviewed | CVE-2019-1010319 was published May 24, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function...
High | Unreviewed | CVE-2019-13135 was published May 24, 2022
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2019-5818 was published May 24, 2022
When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x...
Moderate | Unreviewed | CVE-2019-11038 was published May 24, 2022
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in...
Moderate | Unreviewed | CVE-2019-11833 was published May 24, 2022
A latent vulnerability exists in the Prio library where data may be read from uninitialized...
Critical | Unreviewed | CVE-2019-9805 was published May 24, 2022
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote...
High | Unreviewed | CVE-2015-8390 was published May 17, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which...
High | Unreviewed | CVE-2015-3414 was published May 14, 2022
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking...
High | Unreviewed | CVE-2019-9578 was published May 13, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing...
Moderate | Unreviewed | CVE-2019-6976 was published May 13, 2022
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This...
Moderate | Unreviewed | CVE-2018-9499 was published May 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound...
Moderate | Unreviewed | CVE-2018-8627 was published May 13, 2022
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows...
Moderate | Unreviewed | CVE-2018-20029 was published May 13, 2022
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM...
Moderate | Unreviewed | CVE-2018-19974 was published May 13, 2022
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could...
High | Unreviewed | CVE-2018-15911 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.