Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
vim is vulnerable to Stack-based Buffer Overflow High Unreviewed
CVE-2021-3928 was published May 24, 2022
In display driver, there is a possible memory corruption due to uninitialized data. This could... High Unreviewed
CVE-2021-0634 was published May 24, 2022
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS,... High Unreviewed
CVE-2021-36512 was published May 24, 2022
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE... High Unreviewed
CVE-2021-29631 was published May 24, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to... High Unreviewed
CVE-2021-30578 was published May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,... High Unreviewed
CVE-2020-11260 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to... High Unreviewed
CVE-2021-21190 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16932 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails... High Unreviewed
CVE-2020-16931 was published May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying... High Unreviewed
CVE-2020-1934 was published May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability... High Unreviewed
CVE-2019-18602 was published May 24, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles... High Unreviewed
CVE-2019-5067 was published May 24, 2022
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03... High Unreviewed
CVE-2019-13220 was published May 24, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function... High Unreviewed
CVE-2019-13135 was published May 24, 2022
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote... High Unreviewed
CVE-2015-8390 was published May 17, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which... High Unreviewed
CVE-2015-3414 was published May 14, 2022
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking... High Unreviewed
CVE-2019-9578 was published May 13, 2022
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could... High Unreviewed
CVE-2018-15911 was published May 13, 2022
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer... High Unreviewed
CVE-2018-7166 was published May 13, 2022
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows... High Unreviewed
CVE-2012-1891 was published May 13, 2022
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE... High Unreviewed
CVE-2017-9098 was published May 13, 2022
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG,... High Unreviewed
CVE-2018-6981 was published May 13, 2022
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4... High Unreviewed
CVE-2015-5165 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database