GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
103 advisories
Filter by severity
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when...
High
Unreviewed
CVE-2020-27795
was published
Aug 20, 2022
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious...
High
Unreviewed
CVE-2022-34390
was published
Oct 13, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized...
High
Unreviewed
CVE-2022-2950
was published
Dec 13, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which...
High
Unreviewed
CVE-2015-3414
was published
May 14, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function...
High
Unreviewed
CVE-2019-13135
was published
May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles...
High
Unreviewed
CVE-2019-5067
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability...
High
Unreviewed
CVE-2019-18602
was published
May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying...
High
Unreviewed
CVE-2020-1934
was published
May 24, 2022
vim is vulnerable to Stack-based Buffer Overflow
High
Unreviewed
CVE-2021-3928
was published
May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,...
High
Unreviewed
CVE-2020-11260
was published
May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to...
High
Unreviewed
CVE-2021-21190
was published
May 24, 2022
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when...
High
Unreviewed
CVE-2022-34655
was published
Aug 5, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to...
High
Unreviewed
CVE-2021-30578
was published
May 24, 2022
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE...
High
Unreviewed
CVE-2021-29631
was published
May 24, 2022
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS,...
High
Unreviewed
CVE-2021-36512
was published
May 24, 2022
In display driver, there is a possible memory corruption due to uninitialized data. This could...
High
Unreviewed
CVE-2021-0634
was published
May 24, 2022
Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by...
High
Unreviewed
CVE-2007-1751
was published
May 1, 2022
A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver...
High
Unreviewed
CVE-2022-2308
was published
Sep 2, 2022
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03...
High
Unreviewed
CVE-2019-13220
was published
May 24, 2022
The function wav_format_write in libwav.c in libwav through 2017-04-20 has an Use of...
High
Unreviewed
CVE-2022-28488
was published
May 5, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x...
High
Unreviewed
CVE-2022-26370
was published
May 6, 2022
An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of...
High
Unreviewed
CVE-2018-3975
was published
May 13, 2022
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3...
High
Unreviewed
CVE-2019-9639
was published
May 13, 2022
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote...
High
Unreviewed
CVE-2011-1251
was published
May 13, 2022
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6...
High
Unreviewed
CVE-2011-1266
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API