Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

107 advisories

Loading
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38260 was published Sep 10, 2024
Microsoft AllJoyn API Information Disclosure Vulnerability High Unreviewed
CVE-2024-38257 was published Sep 10, 2024
Windows Networking Information Disclosure Vulnerability High Unreviewed
CVE-2024-43458 was published Sep 10, 2024
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace,... High Unreviewed
CVE-2024-8178 was published Sep 5, 2024
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable:... High Unreviewed
CVE-2024-44983 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in... High Unreviewed
CVE-2024-44999 was published Sep 4, 2024
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could... High Unreviewed
CVE-2024-7526 was published Aug 6, 2024
Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote... High Unreviewed
CVE-2024-6990 was published Aug 1, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using... High Unreviewed
CVE-2024-42228 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized... High Unreviewed
CVE-2024-42161 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put... High Unreviewed
CVE-2024-42225 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in... High Unreviewed
CVE-2024-41059 was published Jul 29, 2024
Windows TCP/IP Information Disclosure Vulnerability High Unreviewed
CVE-2024-38064 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value... High Unreviewed
CVE-2024-38381 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in... High Unreviewed
CVE-2022-48747 was published Jun 20, 2024
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure... High Unreviewed
CVE-2024-38538 was published Jun 19, 2024
Memory management vulnerability in the Gralloc module Impact: Successful exploitation of this... High Unreviewed
CVE-2024-36503 was published Jun 14, 2024
In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. This could lead... High Unreviewed
CVE-2024-32906 was published Jun 13, 2024
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma... High Unreviewed
CVE-2024-27022 was published May 1, 2024
crayon: ObjectPool creates uninitialized memory when freeing objects High
GHSA-xfhw-6mc4-mgxf was published for crayon (Rust) Apr 5, 2024
When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause... High Unreviewed
CVE-2024-23314 was published Feb 14, 2024
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537... High Unreviewed
CVE-2023-31275 was published Nov 27, 2023
In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data.... High Unreviewed
CVE-2023-21233 was published Aug 15, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it... High Unreviewed
CVE-2023-35847 was published Jun 19, 2023
In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to... High Unreviewed
CVE-2023-21127 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API