Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

493 advisories

Loading
sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2008-3688 was published May 2, 2022
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2008-2934 was published May 1, 2022
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize... Moderate Unreviewed
CVE-2009-0949 was published May 2, 2022
When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause... High Unreviewed
CVE-2024-23314 was published Feb 14, 2024
A latent vulnerability exists in the Prio library where data may be read from uninitialized... Critical Unreviewed
CVE-2019-9805 was published May 24, 2022
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all... High Unreviewed
CVE-2009-2692 was published May 2, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP... Moderate Unreviewed
CVE-2023-42797 was published Jan 9, 2024
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990. Moderate Unreviewed
CVE-2020-16985 was published May 24, 2022
When reading a file, an uninitialized value could have been used as read limit. This... High Unreviewed
CVE-2023-32213 was published Jun 2, 2023
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16932 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16931 was published May 24, 2022
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information... Moderate Unreviewed
CVE-2023-46100 was published Nov 20, 2023
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may... Moderate Unreviewed
CVE-2023-25586 was published Sep 14, 2023
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the ... Moderate Unreviewed
CVE-2023-25588 was published Sep 14, 2023
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may... Moderate Unreviewed
CVE-2023-25585 was published Sep 14, 2023
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-35991 was published May 24, 2022
Use of Uninitialized Resource in smallvec High
CVE-2018-25023 was published for smallvec (Rust) Jan 6, 2022
tdunlap607
Credited to tdunlap607
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
Credited to DEVTomatoCake and vladfrangu
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi... Moderate Unreviewed
CVE-2022-0494 was published Mar 26, 2022
An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC... Critical Unreviewed
CVE-2022-21217 was published Jan 29, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0... High Unreviewed
CVE-2021-32846 was published Feb 18, 2023
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0... High Unreviewed
CVE-2021-32845 was published Feb 18, 2023
Use of Uninitialized Resource in gfx-auxil Critical
CVE-2021-45689 was published for gfx-auxil (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database