Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

258 advisories

Loading
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to... Moderate Unreviewed
CVE-2023-3488 was published Jul 28, 2023
A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper... Moderate Unreviewed
CVE-2023-36836 was published Jul 14, 2023
The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized... Moderate Unreviewed
CVE-2021-0948 was published Jul 13, 2023
The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in... Moderate Unreviewed
CVE-2023-2747 was published Jun 15, 2023
Windows Installer Information Disclosure Vulnerability Moderate Unreviewed
CVE-2023-32016 was published Jun 14, 2023
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi... Moderate Unreviewed
CVE-2023-22897 was published Apr 13, 2023
A vulnerability classified as problematic has been found in Linux Kernel. This affects the... Moderate Unreviewed
CVE-2022-3642 was published Oct 21, 2022
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive... Moderate Unreviewed
CVE-2022-40768 was published Sep 19, 2022
In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to... Moderate Unreviewed
CVE-2021-0698 was published Aug 25, 2022
In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to... Moderate Unreviewed
CVE-2021-0887 was published Aug 25, 2022
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local... Moderate Unreviewed
CVE-2022-33716 was published Aug 6, 2022
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a... Moderate Unreviewed
CVE-2022-34266 was published Jul 20, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to... Moderate Unreviewed
CVE-2021-0938 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-34855 was published May 24, 2022
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This... Moderate Unreviewed
CVE-2021-22925 was published May 24, 2022
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user... Moderate Unreviewed
CVE-2021-3545 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31423 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31419 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31418 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31417 was published May 24, 2022
md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,... Moderate Unreviewed
CVE-2021-30027 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed
CVE-2021-21218 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database