Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

344 advisories

Loading
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local... Moderate Unreviewed
CVE-2022-33716 was published Aug 6, 2022
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when... High Unreviewed
CVE-2022-34655 was published Aug 5, 2022
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a... Moderate Unreviewed
CVE-2022-34266 was published Jul 20, 2022
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail... High Unreviewed
CVE-2022-35414 was published Jul 12, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel... Low Unreviewed
CVE-2021-21781 was published May 24, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
vim is vulnerable to Stack-based Buffer Overflow High Unreviewed
CVE-2021-3928 was published May 24, 2022
In display driver, there is a possible memory corruption due to uninitialized data. This could... High Unreviewed
CVE-2021-0634 was published May 24, 2022
In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to... Moderate Unreviewed
CVE-2021-0938 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-34855 was published May 24, 2022
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS,... High Unreviewed
CVE-2021-36512 was published May 24, 2022
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS... Critical Unreviewed
CVE-2021-1619 was published May 24, 2022
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE... High Unreviewed
CVE-2021-29631 was published May 24, 2022
Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-35991 was published May 24, 2022
Adobe Prelude version 10.0 (and earlier) are affected by an uninitialized variable vulnerability... Low Unreviewed
CVE-2021-36007 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource... Low Unreviewed
CVE-2021-36282 was published May 24, 2022
The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector... Critical Unreviewed
CVE-2021-1104 was published May 24, 2022
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This... Moderate Unreviewed
CVE-2021-22925 was published May 24, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to... High Unreviewed
CVE-2021-30578 was published May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,... High Unreviewed
CVE-2020-11260 was published May 24, 2022
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user... Moderate Unreviewed
CVE-2021-3545 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function... Critical Unreviewed
CVE-2018-25014 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database