Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

142 advisories

Loading
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information... Moderate Unreviewed
CVE-2023-46100 was published Nov 20, 2023
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may... Moderate Unreviewed
CVE-2023-25586 was published Sep 14, 2023
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the ... Moderate Unreviewed
CVE-2023-25588 was published Sep 14, 2023
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may... Moderate Unreviewed
CVE-2023-25585 was published Sep 14, 2023
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi... Moderate Unreviewed
CVE-2022-0494 was published Mar 26, 2022
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed
CVE-2019-11833 was published May 24, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-13751 was published May 24, 2022
In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2021-39671 was published Feb 12, 2022
In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to... Moderate Unreviewed
CVE-2021-39680 was published Jan 15, 2022
In seninf driver, there is a possible information disclosure due to uninitialized data. This... Moderate Unreviewed
CVE-2022-20018 was published Jan 5, 2022
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-5818 was published May 24, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing... Moderate Unreviewed
CVE-2019-6976 was published May 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound... Moderate Unreviewed
CVE-2018-8627 was published May 13, 2022
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This... Moderate Unreviewed
CVE-2018-9499 was published May 13, 2022
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows... Moderate Unreviewed
CVE-2018-20029 was published May 13, 2022
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM... Moderate Unreviewed
CVE-2018-19974 was published May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... Moderate Unreviewed
CVE-2018-12011 was published May 13, 2022
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2018-11383 was published May 13, 2022
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS... Moderate Unreviewed
CVE-2016-5105 was published May 13, 2022
An information disclosure vulnerability exists when Visual Studio improperly discloses limited... Moderate Unreviewed
CVE-2018-1037 was published May 13, 2022
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in... Moderate Unreviewed
CVE-2016-0821 was published May 13, 2022
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG... Moderate Unreviewed
CVE-2018-6982 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database