Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a... Moderate Unreviewed
CVE-2020-10725 was published May 24, 2022
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a... Moderate Unreviewed
CVE-2020-11655 was published May 24, 2022
An issue existed in the handling of tabs displaying picture in picture video. The issue was... Moderate Unreviewed
CVE-2020-9775 was published May 24, 2022
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable... High Unreviewed
CVE-2019-7630 was published May 24, 2022
Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077... Low Unreviewed
CVE-2020-0506 was published May 24, 2022
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user... Moderate Unreviewed
CVE-2020-0561 was published May 24, 2022
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors... Critical Unreviewed
CVE-2015-8367 was published May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by... High Unreviewed
CVE-2019-20063 was published May 24, 2022
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the... Low Unreviewed
CVE-2019-19126 was published May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and... High Unreviewed
CVE-2019-14565 was published May 24, 2022
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in... Moderate Unreviewed
CVE-2019-15681 was published May 24, 2022
The "Forget about this site" feature in the History pane is intended to remove all saved user... Moderate Unreviewed
CVE-2019-11747 was published May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns... High Unreviewed
CVE-2019-16921 was published May 24, 2022
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)... High Unreviewed
CVE-2019-12646 was published May 24, 2022
Moby Docker cp broken with debian containers Critical
CVE-2019-14271 was published for github.com/docker/docker (Go) May 24, 2022
yoshizawa-masatoshi neersighted
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE... Moderate Unreviewed
CVE-2019-5605 was published May 24, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2019-1039 was published May 24, 2022
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,... High Unreviewed
CVE-2017-18131 was published May 24, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,... Low Unreviewed
CVE-2014-8181 was published May 17, 2022
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable... High Unreviewed
CVE-2014-9942 was published May 17, 2022
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and... Moderate Unreviewed
CVE-2013-1675 was published May 17, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs... Low Unreviewed
CVE-2014-0178 was published May 14, 2022
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS... High Unreviewed
CVE-2018-6947 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database