Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

63 advisories

Loading
In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel... Moderate Unreviewed
CVE-2021-39636 was published Dec 16, 2021
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c... High Unreviewed
CVE-2022-29968 was published May 3, 2022
Missing initialization of a variable in the TPM2 source may allow a privileged user to... Moderate Unreviewed
CVE-2020-24455 was published May 24, 2022
In memory management driver, there is a possible information disclosure due to uninitialized data... Moderate Unreviewed
CVE-2021-0423 was published May 24, 2022
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0... High Unreviewed
CVE-2021-1405 was published May 24, 2022
Access of uninitialized pointer vulnerability exists in the simulator module contained in the... High Unreviewed
CVE-2022-29925 was published Jun 15, 2022
An information disclosure vulnerability exists in the pick-and-place rotation parsing... Moderate Unreviewed
CVE-2021-40403 was published Feb 10, 2022
An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC... Moderate Unreviewed
CVE-2022-0382 was published Feb 12, 2022
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious... Low Unreviewed
CVE-2019-19534 was published May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB... Low Unreviewed
CVE-2019-19536 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was... Moderate Unreviewed
CVE-2019-19553 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active... Moderate Unreviewed
CVE-2020-11741 was published May 24, 2022
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.... Moderate Unreviewed
CVE-2020-13899 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient... Moderate Unreviewed
CVE-2018-21247 was published May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data.... Moderate Unreviewed
CVE-2020-0340 was published May 24, 2022
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This... High Unreviewed
CVE-2020-0321 was published May 24, 2022
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot... Critical Unreviewed
CVE-2020-12523 was published May 24, 2022
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a... Moderate Unreviewed
CVE-2021-0484 was published May 24, 2022
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public... Moderate Unreviewed
CVE-2021-28687 was published May 24, 2022
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out... High Unreviewed
CVE-2021-23994 was published May 24, 2022
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory... High Unreviewed
CVE-2021-29980 was published May 24, 2022
A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size... Low Unreviewed
CVE-2021-3655 was published May 24, 2022
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset... Moderate Unreviewed
CVE-2021-26333 was published May 24, 2022
An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch... High Unreviewed
CVE-2021-36513 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API