GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97 advisories
The fetch(3) library uses environment variables for passing certain information, including the...
High | Unreviewed | CVE-2024-45289 was published Nov 12, 2024

Windows Installer Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2021-1661 was published May 24, 2022

When the isula load command is used to load malicious images, attackers can execute arbitrary...
High | Unreviewed | CVE-2021-33636 was published Oct 29, 2023

When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High | Unreviewed | CVE-2021-33635 was published Oct 29, 2023

Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an...
High | Unreviewed | CVE-2023-28737 was published Nov 14, 2023

NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a...
High | Unreviewed | CVE-2024-0089 was published Jun 14, 2024

Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-27322 was published May 3, 2024

Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-27324 was published May 3, 2024

Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-27325 was published May 3, 2024

In the Linux kernel, the following vulnerability has been resolved: cfg80211: call...
High | Unreviewed | CVE-2021-47194 was published Apr 10, 2024

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High | Unreviewed | CVE-2017-18131 was published May 24, 2022

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)...
High | Unreviewed | CVE-2023-40596 was published Aug 30, 2023

GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ...
High | Unreviewed | CVE-2020-35342 was published Aug 22, 2023

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High | Unreviewed | CVE-2023-27934 was published May 8, 2023

A malicious actor may convince a victim to open a malicious USD file that may trigger an...
High | Unreviewed | CVE-2023-25010 was published Apr 17, 2023

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
High | Unreviewed | CVE-2020-3811 was published May 24, 2022

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by...
High | Unreviewed | CVE-2019-20063 was published May 24, 2022

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and...
High | Unreviewed | CVE-2019-14565 was published May 24, 2022

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High | Unreviewed | CVE-2019-16921 was published May 24, 2022

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit...
High | Unreviewed | CVE-2023-52452 was published Feb 22, 2024

The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10...
High | Unreviewed | CVE-2008-3637 was published May 2, 2022

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which...
High | Unreviewed | CVE-2008-0062 was published May 1, 2022

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or...
High | Unreviewed | CVE-2007-3749 was published May 1, 2022

Improper initialization of x87 and SSE floating-point configuration registers in the...
High | Unreviewed | CVE-2022-46487 was published Dec 30, 2023

Katran could disclose non-initialized kernel memory as part of an IP header. The issue was...
High | Unreviewed | CVE-2023-49062 was published Nov 28, 2023