Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking... High Unreviewed
CVE-2019-9578 was published May 13, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which... High Unreviewed
CVE-2015-3414 was published May 14, 2022
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote... High Unreviewed
CVE-2015-8390 was published May 17, 2022
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function... High Unreviewed
CVE-2019-13135 was published May 24, 2022
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03... High Unreviewed
CVE-2019-13220 was published May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles... High Unreviewed
CVE-2019-5067 was published May 24, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability... High Unreviewed
CVE-2019-18602 was published May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying... High Unreviewed
CVE-2020-1934 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16931 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16932 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to... High Unreviewed
CVE-2021-21190 was published May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,... High Unreviewed
CVE-2020-11260 was published May 24, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to... High Unreviewed
CVE-2021-30578 was published May 24, 2022
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE... High Unreviewed
CVE-2021-29631 was published May 24, 2022
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS,... High Unreviewed
CVE-2021-36512 was published May 24, 2022
In display driver, there is a possible memory corruption due to uninitialized data. This could... High Unreviewed
CVE-2021-0634 was published May 24, 2022
vim is vulnerable to Stack-based Buffer Overflow High Unreviewed
CVE-2021-3928 was published May 24, 2022
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail... High Unreviewed
CVE-2022-35414 was published Jul 12, 2022
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when... High Unreviewed
CVE-2022-34655 was published Aug 5, 2022
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when... High Unreviewed
CVE-2020-27795 was published Aug 20, 2022
A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver... High Unreviewed
CVE-2022-2308 was published Sep 2, 2022
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-34390 was published Oct 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database