Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

448 advisories

Loading
An information disclosure vulnerability exists when Microsoft Office software reads out of bound... Moderate Unreviewed
CVE-2020-1342 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14703 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14704 was published May 24, 2022
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user... Moderate Unreviewed
CVE-2020-17482 was published May 24, 2022
In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to... Moderate Unreviewed
CVE-2020-0411 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16931 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16932 was published May 24, 2022
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed
CVE-2020-16985 was published May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.... Low Unreviewed
CVE-2020-29371 was published May 24, 2022
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted... Moderate Unreviewed
CVE-2020-35494 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to... High Unreviewed
CVE-2021-21190 was published May 24, 2022
In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data... Moderate Unreviewed
CVE-2021-0463 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed
CVE-2021-21218 was published May 24, 2022
md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,... Moderate Unreviewed
CVE-2021-30027 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31417 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31418 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31419 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31423 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function... Critical Unreviewed
CVE-2018-25014 was published May 24, 2022
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user... Moderate Unreviewed
CVE-2021-3545 was published May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,... High Unreviewed
CVE-2020-11260 was published May 24, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to... High Unreviewed
CVE-2021-30578 was published May 24, 2022
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This... Moderate Unreviewed
CVE-2021-22925 was published May 24, 2022
The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector... Critical Unreviewed
CVE-2021-1104 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database