Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

265 advisories

Loading
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without... Low Unreviewed
CVE-2023-45085 was published Dec 5, 2023
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was... High Unreviewed
CVE-2023-49062 was published Nov 28, 2023
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an... High Unreviewed
CVE-2023-28737 was published Nov 14, 2023
Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an... Moderate Unreviewed
CVE-2023-27306 was published Nov 14, 2023
Improper Initialization for some Intel Unison software may allow a privileged user to potentially... Low Unreviewed
CVE-2022-46301 was published Nov 14, 2023
Improper initialization for some Intel Unison software may allow an authenticated user to... Low Unreviewed
CVE-2022-45109 was published Nov 14, 2023
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker... Moderate Unreviewed
CVE-2023-5078 was published Nov 9, 2023
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows... High Unreviewed
CVE-2023-1719 was published Nov 1, 2023
When the isula cp command is used to copy files from a container to a host machine and the... Moderate Unreviewed
CVE-2021-33638 was published Oct 29, 2023
When the isula export command is used to export a container to an image and the container is... Moderate Unreviewed
CVE-2021-33637 was published Oct 29, 2023
When the isula load command is used to load malicious images, attackers can execute arbitrary... High Unreviewed
CVE-2021-33636 was published Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code. High Unreviewed
CVE-2021-33635 was published Oct 29, 2023
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS. Moderate Unreviewed
CVE-2021-33634 was published Oct 29, 2023
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized.... Moderate Unreviewed
CVE-2023-5370 was published Oct 4, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20594 was published Sep 20, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20597 was published Sep 20, 2023
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)... High Unreviewed
CVE-2023-40596 was published Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ... High Unreviewed
CVE-2020-35342 was published Aug 22, 2023
Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure Moderate
CVE-2023-40349 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) Aug 16, 2023
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to... Moderate Unreviewed
CVE-2023-27887 was published Aug 11, 2023
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2022-38083 was published Aug 11, 2023
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme... Moderate Unreviewed
CVE-2023-22444 was published Aug 11, 2023
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to... Moderate Unreviewed
CVE-2023-22356 was published Aug 11, 2023
Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B... Moderate Unreviewed
CVE-2023-3242 was published Jul 26, 2023
Vulnerability of signature verification in the iaware system being initialized later than the... Moderate Unreviewed
CVE-2022-48518 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database