Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

150 advisories

Loading
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This... Moderate Unreviewed
CVE-2018-9499 was published May 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound... Moderate Unreviewed
CVE-2018-8627 was published May 13, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing... Moderate Unreviewed
CVE-2019-6976 was published May 13, 2022
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5818 was published May 24, 2022
In seninf driver, there is a possible information disclosure due to uninitialized data. This... Moderate Unreviewed
CVE-2022-20018 was published Jan 5, 2022
In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to... Moderate Unreviewed
CVE-2021-39680 was published Jan 15, 2022
In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2021-39671 was published Feb 12, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-13751 was published May 24, 2022
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed
CVE-2019-11833 was published May 24, 2022
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi... Moderate Unreviewed
CVE-2022-0494 was published Mar 26, 2022
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the ... Moderate Unreviewed
CVE-2023-25588 was published Sep 14, 2023
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may... Moderate Unreviewed
CVE-2023-25585 was published Sep 14, 2023
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may... Moderate Unreviewed
CVE-2023-25586 was published Sep 14, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information... Moderate Unreviewed
CVE-2023-46100 was published Nov 20, 2023
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed
CVE-2020-16985 was published May 24, 2022
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP... Moderate Unreviewed
CVE-2023-42797 was published Jan 9, 2024
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2008-2934 was published May 1, 2022
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize... Moderate Unreviewed
CVE-2009-0949 was published May 2, 2022
sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2008-3688 was published May 2, 2022
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused... Moderate Unreviewed
CVE-2008-0063 was published May 1, 2022
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This... Moderate Unreviewed
CVE-2021-22925 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database