GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,378

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

260 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,... Moderate Unreviewed

CVE-2021-30027 was published May 24, 2022

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to... Moderate Unreviewed

CVE-2021-21218 was published May 24, 2022

In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data... Moderate Unreviewed

CVE-2021-0463 was published May 24, 2022

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted... Moderate Unreviewed

CVE-2020-35494 was published May 24, 2022

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed

CVE-2020-20739 was published May 24, 2022

Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed

CVE-2020-16985 was published May 24, 2022

In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to... Moderate Unreviewed

CVE-2020-0411 was published May 24, 2022

An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user... Moderate Unreviewed

CVE-2020-17482 was published May 24, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed

CVE-2020-14703 was published May 24, 2022

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed

CVE-2020-14704 was published May 24, 2022

An information disclosure vulnerability exists when Microsoft Office software reads out of bound... Moderate Unreviewed

CVE-2020-1342 was published May 24, 2022

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote... Moderate Unreviewed

CVE-2020-13113 was published May 24, 2022

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim... Moderate Unreviewed

CVE-2020-10933 was published May 24, 2022

Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to... Moderate Unreviewed

CVE-2020-6444 was published May 24, 2022

When processing an email message with an ill-formed envelope, Thunderbird could read data from a... Moderate Unreviewed

CVE-2020-6793 was published May 24, 2022

When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed

CVE-2020-6792 was published May 24, 2022

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote... Moderate Unreviewed

CVE-2020-6398 was published May 24, 2022

In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of... Moderate Unreviewed

CVE-2020-0006 was published May 24, 2022

Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to... Moderate Unreviewed

CVE-2019-13751 was published May 24, 2022

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error... Moderate Unreviewed

CVE-2019-18603 was published May 24, 2022

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed

CVE-2019-1010317 was published May 24, 2022

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed

CVE-2019-1010319 was published May 24, 2022

Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed

CVE-2019-5818 was published May 24, 2022

When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x... Moderate Unreviewed

CVE-2019-11038 was published May 24, 2022

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed

CVE-2019-11833 was published May 24, 2022

Previous 1…9…11 Next

Previous 1 2 … 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

260 advisories