GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
134 advisories
Filter by severity
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user...
Moderate
Unreviewed
CVE-2021-3545
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31423
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31419
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31418
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31417
was published
May 24, 2022
md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,...
Moderate
Unreviewed
CVE-2021-30027
was published
May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2021-21218
was published
May 24, 2022
In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data...
Moderate
Unreviewed
CVE-2021-0463
was published
May 24, 2022
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted...
Moderate
Unreviewed
CVE-2020-35494
was published
May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an...
Moderate
Unreviewed
CVE-2020-20739
was published
May 24, 2022
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990.
Moderate
Unreviewed
CVE-2020-16985
was published
May 24, 2022
In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to...
Moderate
Unreviewed
CVE-2020-0411
was published
May 24, 2022
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user...
Moderate
Unreviewed
CVE-2020-17482
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14704
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14703
was published
May 24, 2022
An information disclosure vulnerability exists when Microsoft Office software reads out of bound...
Moderate
Unreviewed
CVE-2020-1342
was published
May 24, 2022
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote...
Moderate
Unreviewed
CVE-2020-13113
was published
May 24, 2022
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim...
Moderate
Unreviewed
CVE-2020-10933
was published
May 24, 2022
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2020-6444
was published
May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a...
Moderate
Unreviewed
CVE-2020-6793
was published
May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to...
Moderate
Unreviewed
CVE-2020-6792
was published
May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote...
Moderate
Unreviewed
CVE-2020-6398
was published
May 24, 2022
In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of...
Moderate
Unreviewed
CVE-2020-0006
was published
May 24, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2019-13751
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error...
Moderate
Unreviewed
CVE-2019-18603
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API