Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

267 advisories

Loading
Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-12336 was published May 24, 2022
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version... Moderate Unreviewed
CVE-2020-12326 was published May 24, 2022
In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized... Moderate Unreviewed
CVE-2020-0450 was published May 24, 2022
In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution... High Unreviewed
CVE-2020-0438 was published May 24, 2022
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization.... Moderate Unreviewed
CVE-2020-26957 was published May 24, 2022
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex... High Unreviewed
CVE-2020-3573 was published May 24, 2022
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to... Moderate Unreviewed
CVE-2020-15989 was published May 24, 2022
In libhwbinder, there is a possible information disclosure due to uninitialized data. This could... Moderate Unreviewed
CVE-2020-0272 was published May 24, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a... High Unreviewed
CVE-2020-10139 was published May 24, 2022
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs... Low Unreviewed
CVE-2014-0178 was published May 14, 2022
Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076... High Unreviewed
CVE-2022-32579 was published Aug 19, 2022
Improper initialization in the firmware for some Intel(R) NUC Laptop Kits before version BC0076... High Unreviewed
CVE-2022-27493 was published Aug 19, 2022
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a... Moderate Unreviewed
CVE-2020-11655 was published May 24, 2022
An issue existed in the handling of tabs displaying picture in picture video. The issue was... Moderate Unreviewed
CVE-2020-9775 was published May 24, 2022
Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077... Low Unreviewed
CVE-2020-0506 was published May 24, 2022
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until... High Unreviewed
CVE-1999-0993 was published Apr 30, 2022
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user... Moderate Unreviewed
CVE-2020-0561 was published May 24, 2022
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in... Moderate Unreviewed
CVE-2019-15681 was published May 24, 2022
In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via ... Critical Unreviewed
CVE-2022-37128 was published Sep 1, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,... Low Unreviewed
CVE-2014-8181 was published May 17, 2022
OpenZeppelin Contracts initializer reentrancy may lead to double initialization Moderate
CVE-2022-39384 was published for @openzeppelin/contracts (npm) Dec 14, 2021
Improper initialization in BIOS firmware for some Intel(R) NUC 11 Pro Kits and Intel(R) NUC 11... High Unreviewed
CVE-2022-37334 was published Nov 11, 2022
Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR... Moderate Unreviewed
CVE-2022-2472 was published Sep 16, 2022
UUPSUpgradeable vulnerability in @openzeppelin/contracts Critical
CVE-2021-41264 was published for @openzeppelin/contracts (npm) Sep 15, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database