Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
Direct Ring Buffer has uninitialized memory exposure in create_ring_buffer Low
GHSA-fp5x-7m4q-449f was published for direct_ring_buffer (Rust) Oct 21, 2025
FUSE-Rust: Uninitalized memory read and leak caused by fuser crate High
GHSA-cvmj-47v9-35m9 was published for fuser (Rust) Sep 15, 2025
Helm May Panic Due To Incorrect YAML Content Moderate
CVE-2025-55198 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek
Credited to jake-ciolek
static-alloc vulnerability leads to uninitialized read after allocating MemBump Low
GHSA-xrrq-rrgq-h89w was published for static-alloc (Rust) Jul 11, 2025
Phusion Passenger denial of service Moderate
CVE-2025-26803 was published for passenger (RubyGems) Feb 24, 2025
crayon: ObjectPool creates uninitialized memory when freeing objects High
GHSA-xfhw-6mc4-mgxf was published for crayon (Rust) Apr 5, 2024
Uninitialized Variable in fastecdsa High
CVE-2024-21502 was published for fastecdsa (pip) Feb 24, 2024
Helm's Missing YAML Content Leads To Panic High
CVE-2024-26147 was published for helm.sh/helm/v3 (Go) Feb 22, 2024
jake-ciolek
Credited to jake-ciolek
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
Credited to DEVTomatoCake and vladfrangu
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
Uninitialized variable access in Tensorflow High
CVE-2022-23573 was published for tensorflow (pip) Feb 9, 2022
Use of Uninitialized Resource in smallvec High
CVE-2018-25023 was published for smallvec (Rust) Jan 6, 2022
tdunlap607
Credited to tdunlap607
Use of Uninitialized Resource in flumedb. Critical
CVE-2021-45684 was published for flumedb (Rust) Jan 6, 2022
J3rry-1729
Credited to J3rry-1729
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36513 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36514 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in buffoon. Critical
CVE-2020-36512 was published for buffoon (Rust) Jan 6, 2022
Use of Uninitialized Resource in bite. High
CVE-2020-36511 was published for bite (Rust) Jan 6, 2022
Use of Uninitialized Resource in bronzedb-protocol. Critical
CVE-2021-45682 was published for bronzedb-protocol (Rust) Jan 6, 2022
Use of Uninitialized Resource in binjs_io. Critical
CVE-2021-45683 was published for binjs_io (Rust) Jan 6, 2022
Window may read from uninitialized memory locations in rdiff High
CVE-2021-45694 was published for rdiff (Rust) Jan 6, 2022
Use of Uninitialized Resource in csv-sniffer. Critical
CVE-2021-45686 was published for csv-sniffer (Rust) Jan 6, 2022
J3rry-1729
Credited to J3rry-1729
columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) Critical
CVE-2021-45685 was published for columnar (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database