Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak... Moderate Unreviewed
CVE-2024-50076 was published Oct 29, 2024
Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault... Moderate Unreviewed
CVE-2023-5138 was published Jan 4, 2024
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly... Moderate Unreviewed
CVE-2022-0175 was published Aug 27, 2022
In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to... Moderate Unreviewed
CVE-2022-20357 was published Aug 11, 2022
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to... Moderate Unreviewed
CVE-2019-16714 was published May 24, 2022
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of... Moderate Unreviewed
CVE-2021-22482 was published May 24, 2022
In memory management driver, there is a possible information disclosure due to uninitialized data... Moderate Unreviewed
CVE-2021-0423 was published May 24, 2022
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset... Moderate Unreviewed
CVE-2021-26333 was published May 24, 2022
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive... Moderate Unreviewed
CVE-2021-34693 was published May 24, 2022
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public... Moderate Unreviewed
CVE-2021-28687 was published May 24, 2022
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a... Moderate Unreviewed
CVE-2021-0484 was published May 24, 2022
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes... Moderate Unreviewed
CVE-2021-28167 was published May 24, 2022
Missing initialization of a variable in the TPM2 source may allow a privileged user to... Moderate Unreviewed
CVE-2020-24455 was published May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data.... Moderate Unreviewed
CVE-2020-0340 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient... Moderate Unreviewed
CVE-2018-21247 was published May 24, 2022
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.... Moderate Unreviewed
CVE-2020-13899 was published May 24, 2022
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active... Moderate Unreviewed
CVE-2020-11741 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was... Moderate Unreviewed
CVE-2019-19553 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9320 was published May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9318 was published May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote... Moderate Unreviewed
CVE-2019-9316 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9321 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9314 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database