GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
29 advisories
vim is vulnerable to Stack-based Buffer Overflow
High | Unreviewed | CVE-2021-3928 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-31435 was published May 24, 2022
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when...
High | Unreviewed | CVE-2022-34655 was published Aug 5, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-46617 was published Feb 19, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High | Unreviewed | CVE-2021-46570 was published Feb 19, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-46631 was published Feb 19, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-46566 was published Feb 19, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-28319 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-28320 was published Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-28317 was published Mar 29, 2023
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537...
High | Unreviewed | CVE-2023-31275 was published Nov 27, 2023
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on...
High | Unreviewed | CVE-2024-21502 was published Feb 24, 2024
Information disclosure in modem due to missing NULL check while reading packets received from...
High | Unreviewed | CVE-2022-25737 was published Apr 13, 2023
Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2023-34310 was published May 3, 2024
PDF-XChange Editor U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2023-42062 was published May 3, 2024
Kofax Power PDF printf Uninitialized Variable Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-38088 was published May 3, 2024
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution...
High | Unreviewed | CVE-2023-50188 was published May 3, 2024
Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2021-34953 was published May 8, 2024
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an...
High | Unreviewed | CVE-2023-6324 was published May 15, 2024
A maliciously crafted MODEL file, when parsed in ASMkern229A.dll through Autodesk applications,...
High | Unreviewed | CVE-2024-37002 was published Jun 25, 2024
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk...
High | Unreviewed | CVE-2024-23159 was published Jun 25, 2024
A maliciously crafted STP or SLDPRT file when ODXSW_DLL.dll parsed through Autodesk AutoCAD can...
High | Unreviewed | CVE-2024-23137 was published Feb 22, 2024
Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote...
High | Unreviewed | CVE-2024-6990 was published Aug 1, 2024
Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to...
High | Unreviewed | CVE-2024-7022 was published Sep 24, 2024
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An...
High | Unreviewed | CVE-2024-47966 was published Oct 10, 2024