GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100 advisories
Filter by severity
An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS,...
High
Unreviewed
CVE-2021-36512
was published
May 24, 2022
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE...
High
Unreviewed
CVE-2021-29631
was published
May 24, 2022
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to...
High
Unreviewed
CVE-2021-30578
was published
May 24, 2022
An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute,...
High
Unreviewed
CVE-2020-11260
was published
May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to...
High
Unreviewed
CVE-2021-21190
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails...
High
Unreviewed
CVE-2020-16932
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails...
High
Unreviewed
CVE-2020-16931
was published
May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying...
High
Unreviewed
CVE-2020-1934
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability...
High
Unreviewed
CVE-2019-18602
was published
May 24, 2022
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles...
High
Unreviewed
CVE-2019-5067
was published
May 24, 2022
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03...
High
Unreviewed
CVE-2019-13220
was published
May 24, 2022
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function...
High
Unreviewed
CVE-2019-13135
was published
May 24, 2022
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote...
High
Unreviewed
CVE-2015-8390
was published
May 17, 2022
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which...
High
Unreviewed
CVE-2015-3414
was published
May 14, 2022
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking...
High
Unreviewed
CVE-2019-9578
was published
May 13, 2022
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could...
High
Unreviewed
CVE-2018-15911
was published
May 13, 2022
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer...
High
Unreviewed
CVE-2018-7166
was published
May 13, 2022
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows...
High
Unreviewed
CVE-2012-1891
was published
May 13, 2022
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE...
High
Unreviewed
CVE-2017-9098
was published
May 13, 2022
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG,...
High
Unreviewed
CVE-2018-6981
was published
May 13, 2022
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4...
High
Unreviewed
CVE-2015-5165
was published
May 13, 2022
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows...
High
Unreviewed
CVE-2010-2556
was published
May 13, 2022
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote...
High
Unreviewed
CVE-2010-2559
was published
May 13, 2022
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows...
High
Unreviewed
CVE-2010-3346
was published
May 13, 2022
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote...
High
Unreviewed
CVE-2010-2557
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API