Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Loading
In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel... Moderate Unreviewed
CVE-2021-39636 was published Dec 16, 2021
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c... High Unreviewed
CVE-2022-29968 was published May 3, 2022
Missing initialization of a variable in the TPM2 source may allow a privileged user to... Moderate Unreviewed
CVE-2020-24455 was published May 24, 2022
In memory management driver, there is a possible information disclosure due to uninitialized data... Moderate Unreviewed
CVE-2021-0423 was published May 24, 2022
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0... High Unreviewed
CVE-2021-1405 was published May 24, 2022
Access of uninitialized pointer vulnerability exists in the simulator module contained in the... High Unreviewed
CVE-2022-29925 was published Jun 15, 2022
An information disclosure vulnerability exists in the pick-and-place rotation parsing... Moderate Unreviewed
CVE-2021-40403 was published Feb 10, 2022
An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC... Moderate Unreviewed
CVE-2022-0382 was published Feb 12, 2022
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious... Low Unreviewed
CVE-2019-19534 was published May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB... Low Unreviewed
CVE-2019-19536 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was... Moderate Unreviewed
CVE-2019-19553 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active... Moderate Unreviewed
CVE-2020-11741 was published May 24, 2022
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.... Moderate Unreviewed
CVE-2020-13899 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient... Moderate Unreviewed
CVE-2018-21247 was published May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data.... Moderate Unreviewed
CVE-2020-0340 was published May 24, 2022
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This... High Unreviewed
CVE-2020-0321 was published May 24, 2022
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot... Critical Unreviewed
CVE-2020-12523 was published May 24, 2022
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a... Moderate Unreviewed
CVE-2021-0484 was published May 24, 2022
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public... Moderate Unreviewed
CVE-2021-28687 was published May 24, 2022
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out... High Unreviewed
CVE-2021-23994 was published May 24, 2022
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory... High Unreviewed
CVE-2021-29980 was published May 24, 2022
A vulnerability was found in the Linux kernel in versions before v5.14-rc1. Missing size... Low Unreviewed
CVE-2021-3655 was published May 24, 2022
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset... Moderate Unreviewed
CVE-2021-26333 was published May 24, 2022
An issue was discovered in function sofia_handle_sip_i_notify in sofia.c in SignalWire freeswitch... High Unreviewed
CVE-2021-36513 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database