Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

271 advisories

Loading
Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B... Moderate Unreviewed
CVE-2023-3242 was published Jul 26, 2023
Vulnerability of signature verification in the iaware system being initialized later than the... Moderate Unreviewed
CVE-2022-48518 was published Jul 6, 2023
Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to... Moderate Unreviewed
CVE-2022-31477 was published May 10, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote... High Unreviewed
CVE-2023-27934 was published May 8, 2023
A malicious actor may convince a victim to open a malicious USD file that may trigger an... High Unreviewed
CVE-2023-25010 was published Apr 17, 2023
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. High Unreviewed
CVE-2020-3811 was published May 24, 2022
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors... Critical Unreviewed
CVE-2015-8367 was published May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by... High Unreviewed
CVE-2019-20063 was published May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and... High Unreviewed
CVE-2019-14565 was published May 24, 2022
The "Forget about this site" feature in the History pane is intended to remove all saved user... Moderate Unreviewed
CVE-2019-11747 was published May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns... High Unreviewed
CVE-2019-16921 was published May 24, 2022
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit... High Unreviewed
CVE-2023-52452 was published Feb 22, 2024
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure... Low Unreviewed
CVE-2021-36319 was published Nov 21, 2021
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2018-2934 was published May 13, 2022
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10... High Unreviewed
CVE-2008-3637 was published May 2, 2022
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP... Moderate Unreviewed
CVE-2001-1471 was published Apr 30, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which... High Unreviewed
CVE-2008-0062 was published May 1, 2022
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or... High Unreviewed
CVE-2007-3749 was published May 1, 2022
An improper initialization vulnerability was found in Galleon. When using Galleon to provision... Moderate Unreviewed
CVE-2023-4503 was published Feb 6, 2024
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2020-16901 was published May 24, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Low Unreviewed
CVE-2020-1592 was published May 24, 2022
Open Management Infrastructure Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-38647 was published May 24, 2022
Improper initialization of x87 and SSE floating-point configuration registers in the... High Unreviewed
CVE-2022-46487 was published Dec 30, 2023
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was... High Unreviewed
CVE-2023-49062 was published Nov 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database