Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

265 advisories

Loading
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11943 was published May 13, 2022
Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server... High Unreviewed
CVE-2018-12204 was published May 13, 2022
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The... High Unreviewed
CVE-2018-14678 was published May 13, 2022
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2018-2934 was published May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue affected... Moderate Unreviewed
CVE-2018-4351 was published May 13, 2022
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS... High Unreviewed
CVE-2018-6947 was published May 13, 2022
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs... Low Unreviewed
CVE-2014-0178 was published May 14, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and... Moderate Unreviewed
CVE-2013-1675 was published May 17, 2022
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable... High Unreviewed
CVE-2014-9942 was published May 17, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,... Low Unreviewed
CVE-2014-8181 was published May 17, 2022
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,... High Unreviewed
CVE-2017-18131 was published May 24, 2022
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE... Moderate Unreviewed
CVE-2019-5605 was published May 24, 2022
Moby Docker cp broken with debian containers Critical
CVE-2019-14271 was published for github.com/docker/docker (Go) May 24, 2022
yoshizawa-masatoshi neersighted
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)... High Unreviewed
CVE-2019-12646 was published May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns... High Unreviewed
CVE-2019-16921 was published May 24, 2022
The "Forget about this site" feature in the History pane is intended to remove all saved user... Moderate Unreviewed
CVE-2019-11747 was published May 24, 2022
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in... Moderate Unreviewed
CVE-2019-15681 was published May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and... High Unreviewed
CVE-2019-14565 was published May 24, 2022
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the... Low Unreviewed
CVE-2019-19126 was published May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by... High Unreviewed
CVE-2019-20063 was published May 24, 2022
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors... Critical Unreviewed
CVE-2015-8367 was published May 24, 2022
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user... Moderate Unreviewed
CVE-2020-0561 was published May 24, 2022
Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077... Low Unreviewed
CVE-2020-0506 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database