Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

289 advisories

Loading
Improper Initialization for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46301 was published Nov 14, 2023
Improper initialization for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45109 was published Nov 14, 2023
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker... Moderate Unreviewed
CVE-2023-5078 was published Nov 9, 2023
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows... High Unreviewed
CVE-2023-1719 was published Nov 1, 2023
When the isula cp command is used to copy files from a container to a host machine and the... Moderate Unreviewed
CVE-2021-33638 was published Oct 29, 2023
When the isula export command is used to export a container to an image and the container is... Moderate Unreviewed
CVE-2021-33637 was published Oct 29, 2023
When the isula load command is used to load malicious images, attackers can execute arbitrary... High Unreviewed
CVE-2021-33636 was published Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code. High Unreviewed
CVE-2021-33635 was published Oct 29, 2023
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS. Moderate Unreviewed
CVE-2021-33634 was published Oct 29, 2023
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized.... Moderate Unreviewed
CVE-2023-5370 was published Oct 4, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20594 was published Sep 20, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20597 was published Sep 20, 2023
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)... High Unreviewed
CVE-2023-40596 was published Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ... High Unreviewed
CVE-2020-35342 was published Aug 22, 2023
Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure Moderate
CVE-2023-40349 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) Aug 16, 2023
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to... Moderate Unreviewed
CVE-2023-27887 was published Aug 11, 2023
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2022-38083 was published Aug 11, 2023
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme... Moderate Unreviewed
CVE-2023-22444 was published Aug 11, 2023
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to... Moderate Unreviewed
CVE-2023-22356 was published Aug 11, 2023
Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B... Moderate Unreviewed
CVE-2023-3242 was published Jul 26, 2023
Vulnerability of signature verification in the iaware system being initialized later than the... Moderate Unreviewed
CVE-2022-48518 was published Jul 6, 2023
Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to... Moderate Unreviewed
CVE-2022-31477 was published May 10, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote... High Unreviewed
CVE-2023-27934 was published May 8, 2023
A malicious actor may convince a victim to open a malicious USD file that may trigger an... High Unreviewed
CVE-2023-25010 was published Apr 17, 2023
Some smartphones have data initialization issues. Successful exploitation of this vulnerability... High Unreviewed
CVE-2022-48352 was published Mar 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database