Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Critical
CVE-2020-35888 was published for arr (Rust) Aug 25, 2021
Use of Uninitialized Resource in binjs_io. Critical
CVE-2021-45683 was published for binjs_io (Rust) Jan 6, 2022
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36513 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in bite. High
CVE-2020-36511 was published for bite (Rust) Jan 6, 2022
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36514 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
Read of uninitialized memory in cdr Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed
CVE-2019-11833 was published May 24, 2022
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote... High Unreviewed
CVE-2015-8390 was published May 17, 2022
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before... High Unreviewed
CVE-2023-22281 was published Feb 1, 2023
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to... Moderate Unreviewed
CVE-2019-13751 was published May 24, 2022
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows... Low Unreviewed
CVE-2020-10732 was published May 24, 2022
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4... High Unreviewed
CVE-2015-5165 was published May 13, 2022
Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. High Unreviewed
CVE-2022-47012 was published Jan 20, 2023
Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to... High Unreviewed
CVE-2022-0115 was published Feb 13, 2022
In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to... Moderate Unreviewed
CVE-2021-39671 was published Feb 12, 2022
Free of uninitialized memory in telemetry Critical
CVE-2021-29937 was published for telemetry (Rust) Aug 25, 2021
Uninitialized variable access in Tensorflow High
CVE-2022-23573 was published for tensorflow (pip) Feb 9, 2022
In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to... Moderate Unreviewed
CVE-2021-39680 was published Jan 15, 2022
In seninf driver, there is a possible information disclosure due to uninitialized data. This... Moderate Unreviewed
CVE-2022-20018 was published Jan 5, 2022
ProTip! Advisories are also available from the GraphQL API