GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

67 advisories

Filter by severity

Sort by

Least recently updated

The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace,... High Unreviewed

CVE-2024-8178 was published Sep 5, 2024

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always... High Unreviewed

CVE-2024-43873 was published Aug 21, 2024

Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared... Low Unreviewed

CVE-2024-32945 was published Jul 15, 2024

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault... Moderate Unreviewed

CVE-2023-5138 was published Jan 4, 2024

A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly... Moderate Unreviewed

CVE-2022-0175 was published Aug 27, 2022

In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to... Moderate Unreviewed

CVE-2022-20357 was published Aug 11, 2022

Access of uninitialized pointer vulnerability exists in the simulator module contained in the... High Unreviewed

CVE-2022-29925 was published Jun 15, 2022

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to... Moderate Unreviewed

CVE-2019-16714 was published May 24, 2022

There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of... Moderate Unreviewed

CVE-2021-22482 was published May 24, 2022

An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch... High Unreviewed

CVE-2021-36513 was published May 24, 2022

In memory management driver, there is a possible information disclosure due to uninitialized data... Moderate Unreviewed

CVE-2021-0423 was published May 24, 2022

An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset... Moderate Unreviewed

CVE-2021-26333 was published May 24, 2022

Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory... High Unreviewed

CVE-2021-29980 was published May 24, 2022

A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size... Low Unreviewed

CVE-2021-3655 was published May 24, 2022

report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the... High Unreviewed

CVE-2021-36386 was published May 24, 2022

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out... High Unreviewed

CVE-2021-23994 was published May 24, 2022

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive... Moderate Unreviewed

CVE-2021-34693 was published May 24, 2022

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public... Moderate Unreviewed

CVE-2021-28687 was published May 24, 2022

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,... High Unreviewed

CVE-2021-22898 was published May 24, 2022

In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a... Moderate Unreviewed

CVE-2021-0484 was published May 24, 2022

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes... Moderate Unreviewed

CVE-2021-28167 was published May 24, 2022

A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0... High Unreviewed

CVE-2021-1405 was published May 24, 2022

Missing initialization of a variable in the TPM2 source may allow a privileged user to... Moderate Unreviewed

CVE-2020-24455 was published May 24, 2022

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot... Critical Unreviewed

CVE-2020-12523 was published May 24, 2022

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed

CVE-2020-20739 was published May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

67 advisories