GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,063
Composer 4,318
Erlang 31
GitHub Actions 21
Go 2,074
Maven 5,249
npm 3,746
NuGet 674
pip 3,434
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 241,079

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

342 advisories

Filter by severity

Sort by

Least recently updated

This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2021-31418 was published May 24, 2022

This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2021-31417 was published May 24, 2022

md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,... Moderate Unreviewed

CVE-2021-30027 was published May 24, 2022

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed

CVE-2021-21218 was published May 24, 2022

In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data... Moderate Unreviewed

CVE-2021-0463 was published May 24, 2022

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to... High Unreviewed

CVE-2021-21190 was published May 24, 2022

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted... Moderate Unreviewed

CVE-2020-35494 was published May 24, 2022

An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4.... Low Unreviewed

CVE-2020-29371 was published May 24, 2022

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed

CVE-2020-20739 was published May 24, 2022

Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed

CVE-2020-16985 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed

CVE-2020-16932 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed

CVE-2020-16931 was published May 24, 2022

In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to... Moderate Unreviewed

CVE-2020-0411 was published May 24, 2022

An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user... Moderate Unreviewed

CVE-2020-17482 was published May 24, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed

CVE-2020-14703 was published May 24, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed

CVE-2020-14704 was published May 24, 2022

An information disclosure vulnerability exists when Microsoft Office software reads out of bound... Moderate Unreviewed

CVE-2020-1342 was published May 24, 2022

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before... Low Unreviewed

CVE-2020-3964 was published May 24, 2022

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to... Low Unreviewed

CVE-2020-12864 was published May 24, 2022

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows... Low Unreviewed

CVE-2020-10732 was published May 24, 2022

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote... Moderate Unreviewed

CVE-2020-13113 was published May 24, 2022

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim... Moderate Unreviewed

CVE-2020-10933 was published May 24, 2022

Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to... Moderate Unreviewed

CVE-2020-6444 was published May 24, 2022

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2.... Low Unreviewed

CVE-2020-11494 was published May 24, 2022

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying... High Unreviewed

CVE-2020-1934 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

342 advisories