GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

124 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization... Moderate Unreviewed

CVE-2021-44003 was published Dec 15, 2021

In seninf driver, there is a possible information disclosure due to uninitialized data. This... Moderate Unreviewed

CVE-2022-20018 was published Jan 5, 2022

In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to... Moderate Unreviewed

CVE-2021-39680 was published Jan 15, 2022

In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to... Moderate Unreviewed

CVE-2021-39671 was published Feb 12, 2022

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of... Moderate Unreviewed

CVE-2021-21966 was published Feb 17, 2022

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi... Moderate Unreviewed

CVE-2022-0494 was published Mar 26, 2022

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused... Moderate Unreviewed

CVE-2008-0063 was published May 1, 2022

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service ... Moderate Unreviewed

CVE-2008-2934 was published May 1, 2022

sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial... Moderate Unreviewed

CVE-2008-3688 was published May 2, 2022

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize... Moderate Unreviewed

CVE-2009-0949 was published May 2, 2022

In camera, there is a possible information disclosure due to uninitialized data. This could lead... Moderate Unreviewed

CVE-2022-20096 was published May 4, 2022

In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to... Moderate Unreviewed

CVE-2022-20119 was published May 11, 2022

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to... Moderate Unreviewed

CVE-2022-20008 was published May 11, 2022

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler... Moderate Unreviewed

CVE-2018-3989 was published May 13, 2022

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality... Moderate Unreviewed

CVE-2018-3970 was published May 13, 2022

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows,... Moderate Unreviewed

CVE-2017-5102 was published May 13, 2022

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows,... Moderate Unreviewed

CVE-2017-5103 was published May 13, 2022

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6... Moderate Unreviewed

CVE-2017-4905 was published May 13, 2022

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG... Moderate Unreviewed

CVE-2018-6982 was published May 13, 2022

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in... Moderate Unreviewed

CVE-2016-0821 was published May 13, 2022

An information disclosure vulnerability exists when Visual Studio improperly discloses limited... Moderate Unreviewed

CVE-2018-1037 was published May 13, 2022

The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS... Moderate Unreviewed

CVE-2016-5105 was published May 13, 2022

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of... Moderate Unreviewed

CVE-2018-11383 was published May 13, 2022

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... Moderate Unreviewed

CVE-2018-12011 was published May 13, 2022

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM... Moderate Unreviewed

CVE-2018-19974 was published May 13, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

124 advisories