Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

493 advisories

Loading
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Credited to tdunlap607
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
Read of uninitialized memory in cdr Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed
CVE-2019-11833 was published May 24, 2022
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before... High Unreviewed
CVE-2023-22281 was published Feb 1, 2023
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-13751 was published May 24, 2022
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows... Low Unreviewed
CVE-2020-10732 was published May 24, 2022
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4... High Unreviewed
CVE-2015-5165 was published May 13, 2022
Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. High Unreviewed
CVE-2022-47012 was published Jan 20, 2023
Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to... High Unreviewed
CVE-2022-0115 was published Feb 13, 2022
In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2021-39671 was published Feb 12, 2022
Free of uninitialized memory in telemetry Critical
CVE-2021-29937 was published for telemetry (Rust) Aug 25, 2021
In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to... Moderate Unreviewed
CVE-2021-39680 was published Jan 15, 2022
In seninf driver, there is a possible information disclosure due to uninitialized data. This... Moderate Unreviewed
CVE-2022-20018 was published Jan 5, 2022
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will... Critical Unreviewed
CVE-2021-40418 was published Dec 23, 2021
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5818 was published May 24, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing... Moderate Unreviewed
CVE-2019-6976 was published May 13, 2022
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking... High Unreviewed
CVE-2019-9578 was published May 13, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized... High Unreviewed
CVE-2022-2949 was published Dec 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound... Moderate Unreviewed
CVE-2018-8627 was published May 13, 2022
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This... Moderate Unreviewed
CVE-2018-9499 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database