Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

293 advisories

Loading
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit... High Unreviewed
CVE-2023-52452 was published Feb 22, 2024
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure... Low Unreviewed
CVE-2021-36319 was published Nov 21, 2021
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2018-2934 was published May 13, 2022
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10... High Unreviewed
CVE-2008-3637 was published May 2, 2022
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP... Moderate Unreviewed
CVE-2001-1471 was published Apr 30, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which... High Unreviewed
CVE-2008-0062 was published May 1, 2022
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or... High Unreviewed
CVE-2007-3749 was published May 1, 2022
An improper initialization vulnerability was found in Galleon. When using Galleon to provision... Moderate Unreviewed
CVE-2023-4503 was published Feb 6, 2024
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2020-16901 was published May 24, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Low Unreviewed
CVE-2020-1592 was published May 24, 2022
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was... High Unreviewed
CVE-2023-49062 was published Nov 28, 2023
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without... Low Unreviewed
CVE-2023-45085 was published Dec 5, 2023
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized.... Moderate Unreviewed
CVE-2023-5370 was published Oct 4, 2023
When the isula export command is used to export a container to an image and the container is... Moderate Unreviewed
CVE-2021-33637 was published Oct 29, 2023
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS. Moderate Unreviewed
CVE-2021-33634 was published Oct 29, 2023
Improper Initialization for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46301 was published Nov 14, 2023
Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an... Moderate Unreviewed
CVE-2023-27306 was published Nov 14, 2023
Improper initialization for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45109 was published Nov 14, 2023
Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure Moderate
CVE-2023-40349 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) Aug 16, 2023
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows... High Unreviewed
CVE-2023-1719 was published Nov 1, 2023
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker... Moderate Unreviewed
CVE-2023-5078 was published Nov 9, 2023
When the isula cp command is used to copy files from a container to a host machine and the... Moderate Unreviewed
CVE-2021-33638 was published Oct 29, 2023
TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm High
CVE-2020-8918 was published for github.com/google/go-tpm (Go) Feb 11, 2022
chrisfenner
Credited to chrisfenner
In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data.... Moderate Unreviewed
CVE-2022-20015 was published Jan 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database