GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114 advisories
Filter by severity
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of...
Moderate
Unreviewed
CVE-2021-21966
was published
Feb 17, 2022
A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization...
Moderate
Unreviewed
CVE-2021-44003
was published
Dec 15, 2021
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate
Unreviewed
CVE-2019-1010317
was published
May 24, 2022
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:...
Moderate
Unreviewed
CVE-2019-1010319
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error...
Moderate
Unreviewed
CVE-2019-18603
was published
May 24, 2022
In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of...
Moderate
Unreviewed
CVE-2020-0006
was published
May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote...
Moderate
Unreviewed
CVE-2020-6398
was published
May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a...
Moderate
Unreviewed
CVE-2020-6793
was published
May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to...
Moderate
Unreviewed
CVE-2020-6792
was published
May 24, 2022
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2020-6444
was published
May 24, 2022
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim...
Moderate
Unreviewed
CVE-2020-10933
was published
May 24, 2022
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote...
Moderate
Unreviewed
CVE-2020-13113
was published
May 24, 2022
An information disclosure vulnerability exists when Microsoft Office software reads out of bound...
Moderate
Unreviewed
CVE-2020-1342
was published
May 24, 2022
A vulnerability classified as problematic has been found in Linux Kernel. This affects the...
Moderate
Unreviewed
CVE-2022-3642
was published
Oct 21, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14704
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14703
was published
May 24, 2022
In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to...
Moderate
Unreviewed
CVE-2020-0411
was published
May 24, 2022
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user...
Moderate
Unreviewed
CVE-2020-17482
was published
May 24, 2022
In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data...
Moderate
Unreviewed
CVE-2021-0463
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31419
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31423
was published
May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2021-21218
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31417
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31418
was published
May 24, 2022
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user...
Moderate
Unreviewed
CVE-2021-3545
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API