Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

269 advisories

Loading
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Low Unreviewed
CVE-2020-1592 was published May 24, 2022
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of... Low Unreviewed
CVE-2020-14347 was published May 24, 2022
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. High Unreviewed
CVE-2020-3811 was published May 24, 2022
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a... Moderate Unreviewed
CVE-2020-10725 was published May 24, 2022
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a... Moderate Unreviewed
CVE-2020-11655 was published May 24, 2022
An issue existed in the handling of tabs displaying picture in picture video. The issue was... Moderate Unreviewed
CVE-2020-9775 was published May 24, 2022
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable... High Unreviewed
CVE-2019-7630 was published May 24, 2022
Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077... Low Unreviewed
CVE-2020-0506 was published May 24, 2022
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user... Moderate Unreviewed
CVE-2020-0561 was published May 24, 2022
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors... Critical Unreviewed
CVE-2015-8367 was published May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by... High Unreviewed
CVE-2019-20063 was published May 24, 2022
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the... Low Unreviewed
CVE-2019-19126 was published May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and... High Unreviewed
CVE-2019-14565 was published May 24, 2022
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in... Moderate Unreviewed
CVE-2019-15681 was published May 24, 2022
The "Forget about this site" feature in the History pane is intended to remove all saved user... Moderate Unreviewed
CVE-2019-11747 was published May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns... High Unreviewed
CVE-2019-16921 was published May 24, 2022
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)... High Unreviewed
CVE-2019-12646 was published May 24, 2022
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE... Moderate Unreviewed
CVE-2019-5605 was published May 24, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2019-1039 was published May 24, 2022
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,... High Unreviewed
CVE-2017-18131 was published May 24, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,... Low Unreviewed
CVE-2014-8181 was published May 17, 2022
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable... High Unreviewed
CVE-2014-9942 was published May 17, 2022
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and... Moderate Unreviewed
CVE-2013-1675 was published May 17, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database