GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
142 advisories
Filter by severity
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in...
Moderate
Unreviewed
CVE-2016-0821
was published
May 13, 2022
An information disclosure vulnerability exists when Visual Studio improperly discloses limited...
Moderate
Unreviewed
CVE-2018-1037
was published
May 13, 2022
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS...
Moderate
Unreviewed
CVE-2016-5105
was published
May 13, 2022
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of...
Moderate
Unreviewed
CVE-2018-11383
was published
May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Moderate
Unreviewed
CVE-2018-12011
was published
May 13, 2022
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM...
Moderate
Unreviewed
CVE-2018-19974
was published
May 13, 2022
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows...
Moderate
Unreviewed
CVE-2018-20029
was published
May 13, 2022
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound...
Moderate
Unreviewed
CVE-2018-8627
was published
May 13, 2022
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This...
Moderate
Unreviewed
CVE-2018-9499
was published
May 13, 2022
libvips before 8.7.4 generates output images from uninitialized memory locations when processing...
Moderate
Unreviewed
CVE-2019-6976
was published
May 13, 2022
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in...
Moderate
Unreviewed
CVE-2019-11833
was published
May 24, 2022
When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x...
Moderate
Unreviewed
CVE-2019-11038
was published
May 24, 2022
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2019-5818
was published
May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate
Unreviewed
CVE-2019-1010317
was published
May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate
Unreviewed
CVE-2019-1010319
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error...
Moderate
Unreviewed
CVE-2019-18603
was published
May 24, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2019-13751
was published
May 24, 2022
In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of...
Moderate
Unreviewed
CVE-2020-0006
was published
May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote...
Moderate
Unreviewed
CVE-2020-6398
was published
May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to...
Moderate
Unreviewed
CVE-2020-6792
was published
May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a...
Moderate
Unreviewed
CVE-2020-6793
was published
May 24, 2022
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2020-6444
was published
May 24, 2022
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim...
Moderate
Unreviewed
CVE-2020-10933
was published
May 24, 2022
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote...
Moderate
Unreviewed
CVE-2020-13113
was published
May 24, 2022
An information disclosure vulnerability exists when Microsoft Office software reads out of bound...
Moderate
Unreviewed
CVE-2020-1342
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API