Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to... Moderate Unreviewed
CVE-2020-6444 was published May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying... High Unreviewed
CVE-2020-1934 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a... Moderate Unreviewed
CVE-2020-6793 was published May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote... Moderate Unreviewed
CVE-2020-6398 was published May 24, 2022
In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of... Moderate Unreviewed
CVE-2020-0006 was published May 24, 2022
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to... Low Unreviewed
CVE-2020-0007 was published May 24, 2022
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in... Low Unreviewed
CVE-2019-18786 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error... Moderate Unreviewed
CVE-2019-18603 was published May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB... Low Unreviewed
CVE-2019-19535 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability... High Unreviewed
CVE-2019-18602 was published May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles... High Unreviewed
CVE-2019-5067 was published May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed
CVE-2019-1010319 was published May 24, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function... High Unreviewed
CVE-2019-13135 was published May 24, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which... High Unreviewed
CVE-2015-3414 was published May 14, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized... High Unreviewed
CVE-2022-2950 was published Dec 13, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed
CVE-2019-1010317 was published May 24, 2022
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-34390 was published Oct 13, 2022
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when... High Unreviewed
CVE-2020-27795 was published Aug 20, 2022
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel... Low Unreviewed
CVE-2021-21781 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function... Critical Unreviewed
CVE-2018-25014 was published May 24, 2022
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS... Critical Unreviewed
CVE-2021-1619 was published May 24, 2022
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization... Moderate Unreviewed
CVE-2021-44003 was published Dec 15, 2021
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of... Moderate Unreviewed
CVE-2021-21966 was published Feb 17, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API