GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
112 advisories
Filter by severity
In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to...
Moderate
Unreviewed
CVE-2023-21276
was published
Aug 15, 2023
Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-22330
was published
Aug 11, 2023
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to...
Moderate
Unreviewed
CVE-2023-3488
was published
Jul 28, 2023
A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper...
Moderate
Unreviewed
CVE-2023-36836
was published
Jul 14, 2023
The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized...
Moderate
Unreviewed
CVE-2021-0948
was published
Jul 13, 2023
The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in...
Moderate
Unreviewed
CVE-2023-2747
was published
Jun 15, 2023
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi...
Moderate
Unreviewed
CVE-2023-22897
was published
Apr 13, 2023
md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of uninitialized memory,...
Moderate
Unreviewed
CVE-2021-30027
was published
May 24, 2022
When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x...
Moderate
Unreviewed
CVE-2019-11038
was published
May 24, 2022
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive...
Moderate
Unreviewed
CVE-2022-40768
was published
Sep 19, 2022
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This...
Moderate
Unreviewed
CVE-2021-22925
was published
May 24, 2022
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused...
Moderate
Unreviewed
CVE-2008-0063
was published
May 1, 2022
sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial...
Moderate
Unreviewed
CVE-2008-3688
was published
May 2, 2022
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service ...
Moderate
Unreviewed
CVE-2008-2934
was published
May 1, 2022
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize...
Moderate
Unreviewed
CVE-2009-0949
was published
May 2, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an...
Moderate
Unreviewed
CVE-2020-20739
was published
May 24, 2022
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP...
Moderate
Unreviewed
CVE-2023-42797
was published
Jan 9, 2024
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990.
Moderate
Unreviewed
CVE-2020-16985
was published
May 24, 2022
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products...
Moderate
Unreviewed
CVE-2023-4489
was published
Dec 15, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information...
Moderate
Unreviewed
CVE-2023-46100
was published
Nov 20, 2023
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may...
Moderate
Unreviewed
CVE-2023-25586
was published
Sep 14, 2023
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may...
Moderate
Unreviewed
CVE-2023-25585
was published
Sep 14, 2023
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the ...
Moderate
Unreviewed
CVE-2023-25588
was published
Sep 14, 2023
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi...
Moderate
Unreviewed
CVE-2022-0494
was published
Mar 26, 2022
Uninitialized memory exposure in claxon
Moderate
CVE-2018-20992
was published
for
claxon
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API