Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

336 advisories

Loading
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6... Moderate Unreviewed
CVE-2017-4905 was published May 13, 2022
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG,... High Unreviewed
CVE-2018-6981 was published May 13, 2022
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG... Moderate Unreviewed
CVE-2018-6982 was published May 13, 2022
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in... Moderate Unreviewed
CVE-2016-0821 was published May 13, 2022
A certain crafted HTTP packet can trigger an uninitialized function pointer deference... Critical Unreviewed
CVE-2019-0006 was published May 13, 2022
An information disclosure vulnerability exists when Visual Studio improperly discloses limited... Moderate Unreviewed
CVE-2018-1037 was published May 13, 2022
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE... High Unreviewed
CVE-2017-9098 was published May 13, 2022
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS... Moderate Unreviewed
CVE-2016-5105 was published May 13, 2022
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer... High Unreviewed
CVE-2018-7166 was published May 13, 2022
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2018-11383 was published May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... Moderate Unreviewed
CVE-2018-12011 was published May 13, 2022
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could... High Unreviewed
CVE-2018-15911 was published May 13, 2022
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM... Moderate Unreviewed
CVE-2018-19974 was published May 13, 2022
Use of Uninitialized Resource in libp2p-deflate Critical
CVE-2020-36443 was published for libp2p-deflate (Rust) Aug 25, 2021
Memory corruption in array-tools Critical
CVE-2020-36452 was published for array-tools (Rust) Aug 25, 2021
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows... Moderate Unreviewed
CVE-2018-20029 was published May 13, 2022
Use of Uninitialized Resource in alg_ds Critical
CVE-2020-36432 was published for alg_ds (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This... Moderate Unreviewed
CVE-2018-9499 was published May 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound... Moderate Unreviewed
CVE-2018-8627 was published May 13, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized... High Unreviewed
CVE-2022-2949 was published Dec 13, 2022
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking... High Unreviewed
CVE-2019-9578 was published May 13, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing... Moderate Unreviewed
CVE-2019-6976 was published May 13, 2022
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5818 was published May 24, 2022
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will... Critical Unreviewed
CVE-2021-40418 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database